Siemens ROS# Path Traversal Vulnerability Allowing Arbitrary File Access

Vulnerability

A path traversal vulnerability has been identified in Siemens ROS# versions prior to 2.2.2. This vulnerability arises because user input is not properly sanitized, potentially allowing remote attackers to access arbitrary files on the device. The accessed files could be read or written, depending on the user rights of the account running the affected service.

Impact

Exploitation of this vulnerability could lead to unauthorized access to files on the device, with the ability to read or write those files based on the user rights of the service account.

Remediation

Users are advised to update ROS# to version 2.2.2 or later. For specific mitigation strategies, refer to the Siemens Security Advisory SSA-357982.

Added: May 12, 2026, 10:27 AM
Updated: May 12, 2026, 10:27 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 0.0
relevance: 8.1
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.