FSA-202303
Vulnerability from csaf_festosecokg - Published: 2023-10-17 06:00 - Updated: 2025-10-01 06:00Summary
Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products
Notes
Summary: A vulnerability was reported in Siemens TIA Portal. TIA Portal is part of the installation packages of several Festo Didactic products.
TP 260 before June 2023 and MES PC based on DELL XE3 contain a vulnerable versions of TIA Portal V15 to V18.
Affected products of TIA Portal contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system.
General recommendations: As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.
For a secure operation follow the recommendations in the product manuals.
Remediation: Update TIA-Portal. Please refer to Siemens SSA-116924 for more details.
Disclaimer: Festo assumes no liability whatsoever for indirect, collateral, accidental or consequential losses that occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided free of charge and on good faith by Festo. Insofar as permissible by law, however, none of this information shall establish any warranty, guarantee, commitment, or liability on the part of Festo.\n\nNote: In no case does this information release the operator or responsible person from the obligation to check the effect on his system or installation before using the information and, in the event of negative consequences, not to use the information.\n\nIn addition, the actual general terms, and conditions for delivery, payment and software use of Festo, available under http://www.festo.com and the special provisions for the use of Festo Security Advisory available at https://www.festo.com/psirt shall apply.
A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.
7.8 (High)
Vendor Fix
Update TIA-Portal. Please refer to Siemens SSA-116924 for more details.
References
| URL | Category | |
|---|---|---|
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination and support with this publication",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "A vulnerability was reported in Siemens TIA Portal. TIA Portal is part of the installation packages of several Festo Didactic products.\n\nTP 260 before June 2023 and MES PC based on DELL XE3 contain a vulnerable versions of TIA Portal V15 to V18.\n\nAffected products of TIA Portal contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system.",
"title": "Summary"
},
{
"category": "general",
"text": "As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\nActivate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFesto strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes.\n\nFor a secure operation follow the recommendations in the product manuals.",
"title": "General recommendations"
},
{
"category": "description",
"text": "Update TIA-Portal. Please refer to Siemens SSA-116924 for more details.",
"title": "Remediation"
},
{
"category": "legal_disclaimer",
"text": "Festo assumes no liability whatsoever for indirect, collateral, accidental or consequential losses that occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided free of charge and on good faith by Festo. Insofar as permissible by law, however, none of this information shall establish any warranty, guarantee, commitment, or liability on the part of Festo.\\n\\nNote: In no case does this information release the operator or responsible person from the obligation to check the effect on his system or installation before using the information and, in the event of negative consequences, not to use the information.\\n\\nIn addition, the actual general terms, and conditions for delivery, payment and software use of Festo, available under http://www.festo.com and the special provisions for the use of Festo Security Advisory available at https://www.festo.com/psirt shall apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@festo.com",
"name": "Festo SE \u0026 Co. KG",
"namespace": "https://festo.com"
},
"references": [
{
"category": "self",
"summary": "FSA-202303: Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products - HTML",
"url": "https://certvde.com/en/advisories/VDE-2023-047/"
},
{
"category": "self",
"summary": "FSA-202303: Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products - CSAF",
"url": "https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2023/fsa-202303.json"
},
{
"category": "external",
"summary": "For further security-related issues in Festo products please contact the Festo Product Security Incident Response Team (PSIRT)",
"url": "https://festo.com/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories",
"url": "https://certvde.com/en/advisories/vendor/festo/"
}
],
"title": "Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products",
"tracking": {
"aliases": [
"VDE-2023-047"
],
"current_release_date": "2025-10-01T06:00:00.000Z",
"generator": {
"date": "2025-10-02T08:29:12.083Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.36"
}
},
"id": "FSA-202303",
"initial_release_date": "2023-10-17T06:00:00.000Z",
"revision_history": [
{
"date": "2023-10-17T06:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2025-10-01T06:00:00.000Z",
"number": "1.0.1",
"summary": "Adjusted to VDE template. Changed title from \"Vulnerable Siemens TIA-Portal in several Festo Didactic Products\" to \"Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products\"."
}
],
"status": "final",
"version": "1.0.1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "DELL XE3",
"product": {
"name": "MES PC DELL XE3",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_name",
"name": "MES PC"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cJune2023",
"product": {
"name": "TP260 \u003cJune2023",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"8107242"
],
"x_generic_uris": [
{
"namespace": "Festo:Partnumber",
"uri": "Festo:Partnumber:8107242"
}
]
}
}
}
],
"category": "product_name",
"name": "TP260"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "V15\u003cV17Update6",
"product": {
"name": "TIA-Portal V15\u003cV17Update6",
"product_id": "CSAFPID-51001"
}
},
{
"category": "product_version_range",
"name": "V18\u003cV18Update1",
"product": {
"name": "TIA-Portal V18\u003cV18Update1",
"product_id": "CSAFPID-51002"
}
}
],
"category": "product_name",
"name": "TIA-Portal"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Festo"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "TIA-Portal V15\u003cV17Update6 installed on MES PC DELL XE3",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TIA-Portal V18\u003cV18Update1 installed on MES PC DELL XE3",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TIA-Portal V15\u003cV17Update6 installed on TP260 \u003cJune2023",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-51001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "TIA-Portal V18\u003cV18Update1 installed on TP260 \u003cJune2023",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-51002",
"relates_to_product_reference": "CSAFPID-11002"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26293",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update TIA-Portal. Please refer to Siemens SSA-116924 for more details.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
}
],
"title": "CVE-2023-26293"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…