The application does not properly validate the users’ privileges when executing some operations, which could allow an attacker with low permissions to arbitrarily modify files that should be protected against writing.
Automation License Manager 5: All versions
Automation License Manager 6: All versions prior to v6.0.8
Siemens recommends the following:
Users of License Manager 5: Disable access to drives which have licenses installed, for non-administrator users.
Users of License Manager 6: Update to v6.0.8 or later version.