CNNVD-202507-917 Information
CNNVD ID
CNNVD-202507-917
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Siemens TIA Administrator是德国西门子(Siemens)公司的一款用于授权和许可SIMATIC产品的管理程序。 Siemens TIA Administrator 3.0.6之前版本存在数据伪造问题漏洞,该漏洞源于代码签名证书验证不当,可能导致攻击者绕过检查并在安装期间执行任意代码。
Description (English)
Siemens TIA Administrator is a German company, Siemens, which administers and licenses SIMATIC products. The previous version of Siemens TIA Administrator 3.5.6 had a loophole in the problem of data forgery, which stemmed from the miscertification of the code signature certificate, which could lead the attackers to bypass the inspection and to enforce any code during installation.
Hazard Level
High
Vulnerability Type
数据伪造问题
Affected Vendor
西门子
Published
2025-07-08
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-573669.html https://nvd.nist.gov/vuln/detail/CVE-2025-23364
Patch
https://support.industry.siemens.com/cs/document/109825038/tia-administrator-updates?dti=0&lc=en-WW
Share on: