All news with #simotion tools tag
Thu, September 11, 2025
Siemens SIMOTION Tools Privilege Escalation Advisory
🛡️ Siemens reports a local privilege escalation vulnerability affecting SIMOTION Tools installers that use an affected NSIS setup component. The flaw (CWE-754) in Nullsoft Scriptable Install System (NSIS) before 3.11 can allow an unprivileged user to gain SYSTEM privileges during installation by exploiting a race condition. The issue is tracked as CVE-2025-43715 with a CVSS v3.1 base score of 8.1. No vendor fix is available yet; Siemens and CISA offer mitigations and hardening guidance.