Lucene search
China National Vulnerability DatabaseCNVD-2023-86588HistoryNov 15, 2023 - 12:00 a.m.
Siemens OPC UA Modeling Editor (SiOME) XML External Entity Injection Vulnerability
2023-11-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
siemens
opc ua
modeling editor
xml
external entity injection
vulnerability
xml data
arbitrary files
exploitation
security advisory
Siemens OPC UA Modeling Editor (SiOME) is a free tool to create OPC UA information models or map existing companion specifications. An XML external entity injection vulnerability exists in Siemens OPC UA Modeling Editor (SiOME), which can be exploited by an attacker to interfere with the application’s processing of XML data and read arbitrary files on the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens opc ua modelling editor (siome) | lt | 2.8 |
Related
prion
prion
Xxe
2023-11-14 11:15:00
cvelist
cvelist
CVE-2023-46590
2023-11-14 11:04:22
nvd
nvd
CVE-2023-46590
2023-11-14 11:15:15
cve
cve
CVE-2023-46590
2023-11-14 11:15:15
ics
ics
Siemens OPC UA Modeling Editor (SiOME)
2023-11-16 12:00:00