Stored XSS Vulnerability in OZW Web Servers Before V5.2
Monitor | 6.8 | SSA-230445 | Nov 12, 2024
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary
OZW672 and OZW772 Web Server versions before V5.2 contain a stored cross-site scripting (XSS) vulnerability. An authenticated remote attacker can inject arbitrary JavaScript code that is later executed when another authenticated user, potentially with higher privileges, accesses the affected interface. This could allow the attacker to perform unauthorized actions on behalf of the victim user.
What this means
What could happen
An authenticated attacker can inject malicious JavaScript into the OZW672/OZW772 web interface that executes when other authorized users (especially administrators) access the system, potentially allowing the attacker to perform unauthorized actions or capture credentials.
Who's at risk
Water and electric utilities using OZW672 or OZW772 web servers for SCADA or process management interfaces. Operators, engineers, and administrators who access these web portals are at risk if lower-privileged technicians or contractors are also granted access.
How it could be exploited
An attacker with valid credentials logs into the OZW web interface and injects malicious JavaScript through input fields (such as configuration parameters or data entry forms). When another authenticated user—particularly an administrator with higher privileges—views the compromised page, the injected code executes in their browser session, allowing the attacker to perform actions as that higher-privileged user.
Prerequisites
- Valid login credentials for the OZW web interface
- Network access to the OZW web server (typically port 80/443 on the local network)
- Another authenticated user must view the page containing the injected payload
- Remotely exploitable
- Requires valid authentication
- Affects privileged users (administrators)
- Privilege escalation potential
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 with fix
Product    Affected Versions    Fix Status
OZW672     < V5.2               5.2
OZW772     < V5.2               5.2
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
OZW672
HOTFIX: Update OZW672 and OZW772 to firmware version 5.2 or later
CVEs (1)