Security Advisory

CVE-2023-30897

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-13 08:17:11

Last updated 2025-01-03 01:43:13

Assigner siemens

State PUBLISHED

Description

A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

← Browse all CVEs View on cve.org ↗