Nov. 14, 2023, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Siemens OPC UA Modeling Editor (SiOME) is affected by an XML external entity (XXE) injection vulnerability that could allow an attacker to interfere with an application’s processing of XML data and read arbitrary files in the system.


Siemens has released a new version for Siemens OPC UA Modelling Editor (SiOME) and recommends to update to the latest version.

application arbitrary files attacker data disclosure editor external files information information disclosure information disclosure vulnerability injection modeling opc opc ua siemens ssa system version vulnerability xml xxe

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

Information Security Engineers

@ D. E. Shaw Research | New York City

Anti-fraud and Compliance Support Agent (Armenia)

@ Manychat | Yerevan, Armenia

ATC Instructor - Cybersecurity

@ Fulton County Schools | Atlanta, GA, US, 30339

Senior Cyber Threat Intel Analyst

@ Maveris | Washington, District of Columbia, United States - Remote

Head of Information Security

@ Catawiki | The Hague, Netherlands

Security Architect

@ Ocorian | London, United Kingdom