SSA-062309 — Vulnetix

SSA-062309 PUBLISHED CVSS 9.800000190734863 CRITICAL

TeleControl Server Basic V3.1 contains an information disclosure vulnerability that could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service. Siemens has released a new version for TeleControl Server Basic V3.1 and recommends to update to the latest version.

Risk Scores

CVSS 3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	TeleControl Server Basic V3.1

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-062309.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-062309.json (circl)
https://support.industry.siemens.com/cs/ww/en/view/109995705/ (circl)

Timeline

Oct 14, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-062309.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-062309.json advisory
https://support.industry.siemens.com/cs/ww/en/view/109995705/ fix

Open in Interactive Console →