CVE-2023-26293 : A vulnerability has been identified in Totally Integrated Automation Portal (TIA

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.

Published 2023-04-11 10:15:18

Updated 2024-08-13 08:15:06

Source Siemens AG

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2023-26293

Siemens » Tia Portal » Version: 16
cpe:2.3:a:siemens:tia_portal:16:*:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 18
cpe:2.3:a:siemens:tia_portal:18:-:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 15
cpe:2.3:a:siemens:tia_portal:15:*:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 17
cpe:2.3:a:siemens:tia_portal:17:-:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 17 Update Update4
cpe:2.3:a:siemens:tia_portal:17:update4:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 17 Update Update3
cpe:2.3:a:siemens:tia_portal:17:update3:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 17 Update Update2
cpe:2.3:a:siemens:tia_portal:17:update2:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 17 Update Update1
cpe:2.3:a:siemens:tia_portal:17:update1:*:*:*:*:*:*
Matching versions
Siemens » Tia Portal » Version: 17 Update Update5
cpe:2.3:a:siemens:tia_portal:17:update5:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-26293

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-26293

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.3	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L	1.8	5.5	Siemens AG
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: Low

CWE ids for CVE-2023-26293

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: productcert@siemens.com (Primary)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Assigned by: nvd@nist.gov (Secondary)

References for CVE-2023-26293

https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf

Patch;Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-116924.html

SSA-116924

Jump to

Vulnerability Details : CVE-2023-26293

Products affected by CVE-2023-26293

Exploit prediction scoring system (EPSS) score for CVE-2023-26293

CVSS scores for CVE-2023-26293

CWE ids for CVE-2023-26293

References for CVE-2023-26293