← Back to home
SIEMENS-SSA-197270  ·  Published 2023-11-14  ·  View on Siemens ProductCERT ↗

SSA-197270 V1.0: Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME)

CVSS N/A MEDIUM

Risk Summary

<p>Siemens OPC UA Modeling Editor (SiOME) is affected by an XML external entity (XXE) injection vulnerability that could allow an attacker to interfere with an application’s processing of XML data and read arbitrary files in the system.</p> <p>Siemens has released a new version for Siemens OPC UA Modelling Editor (SiOME) and recommends to update to the latest version.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-197270 V1.0: Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME) See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more