Medium
The affected product is vulnerable due to a component within the affected application that regularly calls a helper binary with SYSTEM privileges while the call path is not quoted, potentially allowing an attacker to execute commands with elevated privileges.
Privilege access
Siemens
Refer to ICS advisory for the list of affected products and upgraded patches.