CVE-2020-25238

CVE-2020-25238

Vendor Siemens
Product PCS neo (Administration Console)
Weakness CWE-284
Published February 9, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system.

Key dates

02Disclosure timeline

February 9, 2021 CVE published
August 4, 2024 Record updated