CVE-2019-10915 PoC — Siemens TIA Administrator 访问控制错误漏洞

Source

https://github.com/jiansiting/CVE-2019-10915

Associated Vulnerability

Title:Siemens TIA Administrator 访问控制错误漏洞 (CVE-2019-10915)
Description:A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Description

Siemens TIA administrator Tool RCE

Readme

The vulnerability is an authentication bypass in the TIA Administrator server. 
An attacker could execute arbitrary application commands through websockets on the node.js server which is externally exposed by default.
By exploiting this vulnerability, an unauthenticated remote attacker could perform actions on TIA Portal, such as elevating privileges, changing proxy settings, or specifying malicious firmware updates.

File Snapshot


 [4.0K]  /data/pocs/51f4237f960db298324bdad7f5488591fa6c8c60
├── [ 34K]  LICENSE
├── [ 186]  mal_Inventory_TIAPORTAL_V15_UPD99.txt
├── [1.5K]  mal_Inventory_TIAPORTAL_V15_UPD99.xml
├── [ 555]  mal_UpdatesSummaryCatalog.xml
├── [ 420]  README.md
├── [2.4K]  tia_portal_rce.py
└── [6.4K]  tia_portal_update_server.py

0 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!