Siemens SIMATIC ProSave < 1300.100.2201.15 Untrusted Path Arbitrary Code Execution (SSA-451236)
Medium Nessus Plugin ID 84499
Synopsis
An application running on the remote host is affected by an arbitrary code execution vulnerability.

Description
The remote host is running a version of Siemens SIMATIC ProSave prior to version 13 Service Pack 1. It is, therefore, affected by an arbitrary code execution vulnerability due to searching insufficiently qualified paths when loading specific files and libraries. A local attacker can exploit this with a specially crafted application file which loads before the legitimate version, resulting in the execution of arbitrary code under the privileges of the current user.

Solution
Upgrade to Siemens SIMATIC ProSave version 13 Service Pack 1 (1300.100.2201.15) or later.