68 matches found
Siemens Mendix Studio Pro Security Vulnerability
Siemens Mendix Studio Pro is a visual, model-driven IDE developed by the German company Siemens. Siemens Mendix Studio Pro versions 11.8.0 Beta and earlier contain security vulnerabilities caused by incorrect authorization configurations, which could allow...
Siemens Mendix Application Authorization Misconfiguration Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. An authorization misconfiguration vulnerability exists in the Siemens Mendix application, which can be exploited by an attacker to obtain sensitive information...
Siemens Mendix Rich Text Component Cross-Site Scripting Vulnerability
The Mendix Rich Text component is a rich text editor that creates richly formatted text with HTML output. A cross-site scripting vulnerability exists in the Siemens Mendix RichText component, from version V4.0.0 up to versions prior to V4.6.1, which can be exploited to implant cross-site scripti...
Siemens Mendix SAML Account Hijacking Vulnerability
Siemens Mendix SAML is an authentication module provided by the Siemens Mendix platform for single sign-on (SSO) functionality. An account hijacking vulnerability exists in Siemens Mendix SAML, which stems from insufficient signature verification and binding checks, and can be exploited by an...
Siemens Mendix SAML Data Forgery Vulnerability
Siemens Mendix SAML is an authentication module provided by the Siemens Mendix platform for single sign-on (SSO) functionality. An account hijacking vulnerability exists in Siemens Mendix SAML, which stems from insufficient signature verification and binding checks, and can be exploited by an...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) advisories on June 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-168-01 Siemens Mendix Studio Pro; ICSA-25-168-02 LS Electric GMWin 4; ICSA-25-168-04 Fuji...
Siemens Mendix OIDC SSO Security Vulnerability
Siemens Mendix OIDC SSO is an enterprise-class unified identity solution based on the OIDC protocol, from Siemens of Germany. A security vulnerability exists in Siemens Mendix OIDC SSO that stems from improper assignment of token access privileges, which could lead to privilege abuse...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems (ICS) advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime; ICSA-25-105-02 Siemens Industrial Edge Device Kit...
Siemens Mendix Runtime Security Vulnerability
Siemens Mendix Runtime is a key component from Siemens AG of Germany. A security vulnerability exists in Siemens Mendix Runtime that stems from a distinguishable response that could lead to unauthorized enumeration of entity and property names...
Siemens Mendix LDAP Injection Vulnerability
Mendix LDAP is a client-side implementation of the Lightweight Directory Access Protocol (LDAP) that allows your application to communicate with an LDAP server, such as a local Microsoft Active Directory (AD). An injection vulnerability exists in Siemens Mendix LDAP, which can be exploited by an...
Siemens Mendix Race Condition Vulnerability
Mendix is a highly productive application platform that enables you to build and continuously improve mobile and web applications at scale. A race condition vulnerability exists in Siemens Mendix, which can be exploited by an unauthenticated, remote attacker to bypass default account locko...
Siemens Mendix Runtime Race Condition Vulnerability
Mendix is a highly productive application platform that enables you to build and continuously improve mobile and web applications at scale. A race condition vulnerability exists in Siemens Mendix, which can be exploited by an unauthenticated, remote attacker to bypass default account locko...
Siemens Mendix Runtime Information Disclosure Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in Siemens Mendix Runtime, which stems from the affected application's authentication...
Siemens Mendix Runtime
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Mendix Encryption Module Hardcoded Default Encryption Key Vulnerability
The Mendix Encryption module takes care of the following encryption requirements: plain text encryption (e.g. passwords) and FileDocument encryption (e.g. documents or photos). A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...
Siemens Mendix Security Vulnerability
The Mendix Encryption module takes care of the following encryption requirements: plain text encryption (e.g. passwords) and FileDocument encryption (e.g. documents or photos). A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...
Siemens Mendix Privilege Management Error Vulnerability
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. A privilege management error vulnerability exists in Siemens Mendix, which can be exploited by an attacker with administrative role functionality to elevate the access...
Siemens Mendix Security Vulnerability
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. A privilege management error vulnerability exists in Siemens Mendix, which can be exploited by an attacker with administrative role functionality to elevate the access...
Siemens Mendix Runtime
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Mendix Applications Security Vulnerability
Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. An authentication bypass vulnerability exists in Siemens Mendix, which can be exploited by an attacker to access or modify objects without proper authorization or to...