Siemens TeleControl Server Basic SQL Injection Vulnerability Allowing Database Access and Code Execution

A SQL injection vulnerability has been identified in Siemens TeleControl Server Basic, affecting all versions prior to V3.1.2.2. The vulnerability arises in the 'CreateTrace' method, allowing an unauthenticated remote attacker to bypass authorization, manipulate the application's database, and execute code with 'NT AUTHORITY\NetworkService' privileges. Exploitation requires access to port 8000 on the vulnerable system.

Impact

Successful exploitation allows for unauthorized database access, manipulation, and execution of code in the operating system shell with limited 'NT AUTHORITY\NetworkService' permissions.

Remediation

Users are advised to update to TeleControl Server Basic V3.1.2.2 or later. For more information, visit the Siemens support page.