SSA-312271 (Last Update: 2020-07-14): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications

Published

2020-07-14 00:00:00 UTC

Summary

The latest update for affected products fix local privilege escalation vulnerabilities that could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges.

Siemens has released updates for some of the affected products, and is working on further updates. For the remaining affected products, Siemens recommends specific countermeasures until fixes are available.