Siemens OPC UA Modelling Editor (SiOME) XML External Entity (XXE) Injection Vulnerability
CVE-2023-46590 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8). Affected products suffer from a XML external entity (XXE) injection vulnerability. This vulnerability could allow an attacker to interfere with an application's processing of XML data and read arbitrary files in the system.
Learn more about our External Network Penetration Testing.