SSA-312271 V1.4 (Last Update: 2020-12-08): Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications


2020-12-08 00:00:00 UTC


The latest update for affected products fix local privilege escalation vulnerabilities that could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges.

Siemens has released updates for some of the affected products, and is working on further updates. For the remaining affected products, Siemens recommends specific countermeasures until fixes are available.