Publication Date: 2020-01-14
Last Update: 2022-06-14
Current Version: V1.5
CVSS v3.1 Base Score: 7.8

Affected Product and Versions Remediation
TIA Portal V14:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
TIA Portal V15:
All versions < V15.1 Update 7
Update to V15.1 Update 7 or later version
https://support.industry.siemens.com/cs/de/de/view/109763890
See further recommendations from section Workarounds and Mitigations
TIA Portal V16:
All versions
Currently no fix is available
See recommendations from section Workarounds and Mitigations
TIA Portal V17:
All versions < V17 Update 4
Update to V17 Update 4 or later version
https://support.industry.siemens.com/cs/ww/en/view/109784441
See further recommendations from section Workarounds and Mitigations

CVSS v3.1 Base Score 7.8
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)

https://www.siemens.com/cert/advisories