Threat Encyclopedia

Unquoted Search Path Vulnerability for Siemens SIMATIC STEP 7

description-logoDescription

A vulnerability has been identified in SIMATIC STEP 7 versions prior to 5.6 where component within the affected application regularly calls a helper binary with SYSTEM privileges while the call path is not quoted.

affected-products-logoAffected Products

SIMATIC STEP 7

CVE References

CVE-2020-7580