Privilege Escalation Vulnerability in TIA Administrator by Siemens
CVE-2025-23365

8.5HIGH

Key Information:

Vendor: Siemens
Status: Tia Administrator
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-23365?

A vulnerability exists in TIA Administrator that enables low-privileged users to exploit cache files, leading to potential privilege escalation. This issue allows an attacker to modify the installation path and execute arbitrary code, posing a severe security risk. Immediate action is advised for users on affected versions to mitigate potential threats.

Affected Version(s)

TIA Administrator 0

References

https://cert-portal.siemens.com/productcert/html/ssa-5736...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Jan 14, 2025