Siemens Tia Administrator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Siemens Tia Administrator.
By the Year
In 2026 there have been 0 vulnerabilities in Siemens Tia Administrator. Last year, in 2025 Tia Administrator had 1 security vulnerability published. Right now, Tia Administrator is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 7.80 |
| 2024 | 1 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 5.90 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 7.80 |
It may take a day or so for new Tia Administrator vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Siemens Tia Administrator Security Vulnerabilities
DLL Hijacking in Windows Setup Component Enables RCE
CVE-2025-30033
7.8 - High
- August 12, 2025
The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.
DLL preloading
TIA Administrator Insecure Temp File Permissions Allow Update Process Disruption
CVE-2023-38533
- June 11, 2024
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.
Creation of Temporary File in Directory with Insecure Permissions
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client
CVE-2021-3449
5.9 - Medium
- March 25, 2021
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
NULL Pointer Dereference
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1)
CVE-2019-10915
7.8 - High
- July 11, 2019
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Permissions, Privileges, and Access Controls
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Siemens Tia Administrator or by Siemens? Click the Watch button to subscribe.
