CVE-2016-7165 (primary_setup_tool, security_configuration_tool, simatic_it_production_suite, simatic_net_pc_software, simatic_pcs_7, simatic_pcs7, simatic_step_7, simatic_step_7_(tia_portal), simatic_winac_rtx_2010, simatic_winac_rtx_f_2010, simatic_wincc, simatic_wincc_(tia_portal), simatic_wincc_runtime, simit, sinema_remote_connect, sinema_server, softnet_security_client, telecontrol_basic)
Unquoted Windows search path vulnerability in Siemens SIMATIC WinCC before 7.0 SP2 Upd 12, 7.0 SP3 before Upd 8, and 7.2 through 7.4; SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced before 14; SIMATIC WinCC Runtime Professional; SIMATIC WinCC (TIA Portal) Professional; SIMATIC STEP 7 5.x; SIMATIC STEP 7 (TIA Portal) before 14; SIMATIC NET PC-Software before 14; TeleControl Server Basic before 3.0 SP2; SINEMA Server before 13 SP2; SIMATIC PCS 7 through 8.2; SINEMA Remote Connect Client; SIMATIC WinAC RTX 2010 SP2; SIMATIC WinAC RTX F 2010 SP2; SIMATIC IT Production Suite; SOFTNET Security Client 5.0; SIMIT 9.0; Security Configuration Tool (SCT); and Primary Setup Tool (PST), when the installation does not use the %PROGRAMFILES% directory, might allow local users to gain privileges via a Trojan horse executable file.