CVE-2022-35868 Information

Description

A vulnerability has been identified in TIA Multiuser Server V14 (All versions) TIA Multiuser Server V15 (All versions < V15.1 Update 8) TIA Project-Server (All versions < V1.1) TIA Project-Server V16 (All versions) TIA Project-Server V17 (All versions). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges when tricking a legitimate user to start the service from an attacker controlled path.

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf