CVE-2025-23364

MEDIUM

Siemens Tia Administrator < 3.0.6 - Signature Verification Bypass

Title source: rule
STIX 2.1

Description

A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations.

References (1)

Scores

CVSS v3 6.2
EPSS 0.0001
EPSS Percentile 1.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-347
Status published
Products (1)
siemens/tia_administrator < 3.0.6
Published Jul 08, 2025
Tracked Since Feb 18, 2026