Unrated severity · NVD Advisory · Published Feb 9, 2021 · Updated Aug 4, 2024

CVE-2020-25238

Description

A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A local privilege escalation vulnerability in Siemens TIA Portal and PCS neo allows attackers with limited access to execute code as SYSTEM.

Vulnerability

Siemens TIA Portal (versions V15, V15.1, V16) and PCS neo Administration Console (versions prior to V3.1) are affected by an improper access control vulnerability (CWE-284). The issue arises because the privileged Node.js component does not properly set the module search path, causing Node.js to look for modules in the C:\node_modules\ directory at startup [1][2].

Exploitation

A local attacker with limited user privileges can create the C:\node_modules\ directory and place a specially crafted .js file in it. When the vulnerable Siemens software starts the Node.js server, it loads the malicious module, allowing code execution in the context of the SYSTEM user [2].
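The lookup behaviour described above, as an added example (not Siemens' code and not part of the advisory): it lists every `node_modules` directory the Node.js CommonJS resolver probes from a given start directory and flags the ones outside the install root, so an administrator can verify that they are absent or writable only by administrators. The install path, the function names and the sample values are assumptions made for illustration.

```javascript
// Directories the Node.js CommonJS resolver probes for a bare require('name')
// issued from a script in startDir: <dir>\node_modules for startDir and each
// ancestor, ending at the drive root. Assumes an absolute drive-letter path;
// NODE_PATH and the legacy global folders are not modelled.
function nodeModulesLookupDirs(startDir) {
  const parts = startDir.replace(/\//g, '\\').split('\\').filter(Boolean);
  const dirs = [];
  for (let i = parts.length; i >= 1; i--) {
    // A directory that is itself named node_modules gets no nested entry.
    if (parts[i - 1] === 'node_modules') continue;
    dirs.push(parts.slice(0, i).concat('node_modules').join('\\'));
  }
  return dirs;
}

// Lookup directories that lie outside the install root the administrator
// trusts. The advisory's C:\node_modules is the last entry of this kind.
function lookupDirsOutsideRoot(startDir, trustedRoot) {
  const norm = (p) =>
    p.replace(/\//g, '\\').replace(/\\+$/, '').toLowerCase() + '\\';
  const root = norm(trustedRoot);
  return nodeModulesLookupDirs(startDir).filter(
    (d) => !norm(d).startsWith(root)
  );
}

// Constructed sample paths (hypothetical, not the vendor's real install layout).
const SAMPLE_START = 'C:\\Program Files\\ExampleVendor\\Service\\server';
const SAMPLE_ROOT = 'C:\\Program Files\\ExampleVendor';

for (const dir of lookupDirsOutsideRoot(SAMPLE_START, SAMPLE_ROOT)) {
  console.log(`verify absent or admin-only writable: ${dir}`);
}
```

Run it with the real service directory and install root substituted for the sample values, then check the existence and ACLs of each reported directory on the host.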

Impact

Successful exploitation results in arbitrary code execution with SYSTEM privileges, leading to full compromise of the affected Windows system [1][2].

Mitigation

Siemens has released updates: update TIA Administrator to version V1.0 SP2 Upd2 or later, and update PCS neo to version V3.1 or later. Administrators should also restrict local access to authorized users and follow the industrial security guidelines in SIMATIC PCS neo [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
