{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T10:41:56.721","vulnerabilities":[{"cve":{"id":"CVE-2023-26293","sourceIdentifier":"productcert@siemens.com","published":"2023-04-11T10:15:18.157","lastModified":"2024-11-21T07:51:04.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution."}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:15:*:*:*:*:*:*:*","matchCriteriaId":"FB7DAF87-8685-402D-B8AF-30E3DBC8B37C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:16:*:*:*:*:*:*:*","matchCriteriaId":"85B6CBCC-CBF6-45F3-A475-FF154208E58C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:17:-:*:*:*:*:*:*","matchCriteriaId":"85EDE398-4E18-4F39-9F00-66E9EDB17AD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:17:update1:*:*:*:*:*:*","matchCriteriaId":"7C4DFB46-947A-4156-B760-5754D3A502B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:17:update2:*:*:*:*:*:*","matchCriteriaId":"4A46017D-5AF4-4063-92E8-83228CCDEB45"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:17:update3:*:*:*:*:*:*","matchCriteriaId":"903EA460-9F1F-4BB1-AAF4-9B17A864892A"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:17:update4:*:*:*:*:*:*","matchCriteriaId":"D63A193B-18EB-4399-8528-BC58C88CB19C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:17:update5:*:*:*:*:*:*","matchCriteriaId":"931BB5EB-D243-4E06-844B-567B899905F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tia_portal:18:-:*:*:*:*:*:*","matchCriteriaId":"50C20804-6D7D-49AB-8789-625CA57C077B"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-116924.html","source":"productcert@siemens.com"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf","source":"productcert@siemens.com","tags":["Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}