Siemens TIA Administrator vulnerabilities

6 known vulnerabilities affecting siemens/tia_administrator.

Total CVEs: 6
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 4, MEDIUM 2

Vulnerabilities

CVE-2025-30033 | HIGH | CVSS 8.5 | fixed in V3.0.6 | 2025-08-12
CVE-2025-30033 [HIGH] CWE-427: The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.
Sources: cvelistv5, nvd
CVE-2025-23365 | HIGH | CVSS 8.5 | fixed in 3.0.6 | fixed in V3.0.6 | 2025-07-08
CVE-2025-23365 [HIGH] CWE-284: A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and execute arbitrary code.
Sources: cvelistv5, nvd
CVE-2025-23364 | MEDIUM | CVSS 6.9 | fixed in 3.0.6 | fixed in V3.0.6 | 2025-07-08
CVE-2025-23364 [MEDIUM] CWE-347: A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and execute arbitrary code during installations.
Sources: cvelistv5, nvd
CVE-2024-45386 | HIGH | CVSS 8.7 | fixed in V3.0.4 | 2025-02-11
CVE-2024-45386 [HIGH] CWE-613: A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SIMOCODE ES V19 (All versions < V19 Update 1), SIRIUS Safety ES V19 (TIA Portal) (All versions < V19 Update 1), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions < V19
Sources: cvelistv5, nvd
CVE-2023-38533 | MEDIUM | CVSS 4.8 | fixed in 3.0 | v3.0 | +1 more | 2024-06-11
CVE-2023-38533 [MEDIUM] CWE-379: A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.
Sources: cvelistv5, nvd
CVE-2019-10915 | HIGH | CVSS 7.8 | PoC | v1.0 | 2019-07-11
CVE-2019-10915 [HIGH] CWE-306: A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation req
Sources: nvd