XPath Constraint Vulnerability in Mendix Runtime
Status: Monitor
CVSS: 6.8
Advisory: SSA-148641
Published: Mar 8, 2022
Attack Vector: Network
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary
An XPath Constraint vulnerability in Mendix Runtime allows authenticated users to bypass access control logic. An attacker could exploit this to read data attributes that should be inaccessible and to modify sensitive information that the application's business rules should have protected. The vulnerability affects the Mendix Runtime V7, V8, and V9 versions listed under "Affected products" below. Siemens has released patched versions for all affected product lines.
What this means
What could happen
An authenticated user could exploit XPath constraint logic to read data they should not have access to and modify sensitive information, bypassing intended access controls within the Mendix application.
Who's at risk
Organizations using the Mendix low-code development platform for critical applications, including those in water utilities, power systems, or manufacturing that rely on Mendix for operational dashboards, reporting systems, or process control interfaces. Risk is highest for applications that manage sensitive data such as user credentials, process configurations, or operational parameters.
How it could be exploited
An attacker with valid user credentials logs into a Mendix application and crafts malicious XPath queries in the application's data access layer to bypass access control constraints. This allows the attacker to extract hidden data attributes and modify restricted records that the application's business logic should have prevented them from accessing.
Prerequisites
- Valid user credentials (login to the Mendix application required)
- Application built on affected Mendix Runtime versions
- Access to application features that execute XPath queries
- Remotely exploitable
- Authentication required (reduces risk but still concerning for insider threats)
- Low complexity exploitation
- Affects data confidentiality and integrity
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (3)
3 with fix
Product            | Affected Versions | Fix Status
Mendix Runtime V7  | < V7.23.29        | Fixed in 7.23.29
Mendix Runtime V8  | < V8.18.16        | Fixed in 8.18.16
Mendix Runtime V9  | < V9.13           | Fixed in 9.13
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Mendix Runtime V7
HOTFIX: Update Mendix Runtime V7 to version 7.23.29 or later
Mendix Runtime V8
HOTFIX: Update Mendix Runtime V8 to version 8.18.16 or later
Mendix Runtime V9
HOTFIX: Update Mendix Runtime V9 to version 9.13 or later
CVEs (1)
API: /api/v1/advisories/78e53920-4461-4226-aaf6-fe73a0241d71