all InfoSec news
SSA-197270 V1.0: Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME)
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Siemens OPC UA Modeling Editor (SiOME) is affected by an XML external entity (XXE) injection vulnerability that could allow an attacker to interfere with an application’s processing of XML data and read arbitrary files in the system.
Siemens has released a new version for Siemens OPC UA Modelling Editor (SiOME) and recommends to update to the latest version.
application arbitrary files attacker data disclosure editor external files information information disclosure information disclosure vulnerability injection modeling opc opc ua siemens ssa system version vulnerability xml xxe