PT-2015-10: Privilege Gaining in Siemens SIMATIC STEP 7 (TIA Portal)

Vulnerable software

Siemens SIMATIC STEP 7 (TIA Portal)
Version: 13 and earlier


Severity level

Severity level: Low
Impact: Privilege Gaining
Access Vector: Local

CVSS v2:
Base Score: 2.6
Vector: (AV:L/AC:H/Au:N/C:P/I:P/A:N)

CVE: CVE-2015-1356

Software description

Siemens SIMATIC STEP 7 (TIA Portal) is an engineering software to configure and program SIMATIC controllers and Standard PCs running WinAC RTX.

Vulnerability description

The specialists of the Positive Research center have detected a Privilege Gaining vulnerability in Siemens SIMATIC STEP 7 (TIA Portal).

Vulnerability exists in TIA Portal due to improper integrity protection of project-file fields containing user’s privileges, which allows attackers to modify user permissions by manipulating project files.

How to fix

Update your sofware up to the latest version

Advisory status

21.09.2012 - Vendor gets vulnerability details
13.02.2015 - Vendor releases fixed version and details
25.02.2015 - Public disclosure


The vulnerability was detected by Alexander Timorin, Positive Research Center (Positive Technologies Company)


Reports on the vulnerabilities previously discovered by Positive Research: