Vulnerability Description
A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 Update 4). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Totally Integrated Automation Portal | >= 14, <= 17 |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdfVendor Advisory
FAQ
What is CVE-2019-10934?
CVE-2019-10934 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 U...
How severe is CVE-2019-10934?
CVE-2019-10934 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10934?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Totally Integrated Automation Portal.