OTPulse
FeedAboutContact

Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME)

Plan Patch7.5SSA-197270Nov 14, 2023
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

Siemens OPC UA Modeling Editor (SiOME) versions prior to 2.8 contain an XML external entity (XXE) injection vulnerability. An attacker who supplies a malicious XML file can cause the application to read arbitrary files from the system where SiOME is running. This could expose project files, credentials, or other sensitive automation data stored on the engineering workstation.

What this means
What could happen
An attacker who sends a specially crafted XML file to SiOME could read arbitrary files from the engineering workstation, potentially exposing sensitive automation logic, credentials, or project configurations.
Who's at risk
Engineering and automation teams who use Siemens OPC UA Modeling Editor on workstations to design and configure industrial automation systems and OPC UA information models.
How it could be exploited
An attacker delivers a malicious XML file containing external entity references to a user running SiOME (via email, shared network folder, or direct access if the workstation is exposed). When SiOME processes the XML, it resolves the entity and reads files from the system, which the attacker can retrieve.
Prerequisites
  • User with access to SiOME installed on an engineering workstation
  • User must open or import a crafted XML file in SiOME
  • SiOME version prior to 2.8
remotely exploitableno authentication requiredlow complexityinformation disclosureaffects engineering workstations with design data
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
OPC UA Modelling Editor (SiOME)<V2.82.8
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Siemens OPC UA Modeling Editor (SiOME) to version 2.8 or later
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/243434a5-bf29-49b2-ad34-85bebaa86343
Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME) | CVSS 7.5 - OTPulse