The latest updates for TIA Portal fix a vulnerability that could allow a local attacker to execute arbitrary code with SYSTEM privileges. Update: The previously provided fixes only correctly set the permissions on English Windows versions. Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdf