Multiple Vulnerabilities in Tableau Server Component of Opcenter Intelligence

Act Now9.6SSA-246355Feb 11, 2025

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Opcenter Intelligence contains multiple vulnerabilities in its Tableau Server component affecting authentication, path traversal, deserialization, and server-side request forgery. These issues allow attackers to bypass authentication, access unauthorized resources, execute arbitrary code, and forge requests to internal systems.

What this means

What could happen

An attacker without credentials could gain administrative access to Opcenter Intelligence and execute arbitrary commands on the server, potentially disrupting production monitoring and control of manufacturing operations, or exfiltrating sensitive process data.

Who's at risk

Manufacturing facilities using Siemens Opcenter Intelligence for production planning and monitoring, including industries such as automotive, consumer goods, and heavy manufacturing. This affects anyone using Opcenter Intelligence versions before V2501 who rely on it for real-time production data and process control visibility.

How it could be exploited

An attacker on the network or with network access to Opcenter Intelligence can send malicious requests to the Tableau Server component. By exploiting the authentication bypass (CWE-287), an attacker can access the application without valid credentials. Once inside, they can use path traversal (CWE-22), deserialization attacks (CWE-502), or server-side request forgery (CWE-918) to read sensitive files, execute code, or pivot to internal systems.

Prerequisites

Network access to Opcenter Intelligence Tableau Server component (typically port 8080 or 8443)
No valid credentials required due to authentication bypass vulnerability
Opcenter Intelligence version prior to V2501

remotely exploitableno authentication requiredlow complexityactively exploited (KEV)high EPSS score (94.4%)affects production visibility and control systems

Exploitability

Actively exploited — confirmed by CISA KEV

Affected products (1)

ProductAffected VersionsFix Status

Opcenter Intelligence< V25012501

Remediation & Mitigation

0/3

Do now

0/3

HOTFIXUpdate Opcenter Intelligence to version V2501 or later

HOTFIXInstall the latest available version of Tableau Server as referenced in Siemens knowledge base PL8822108

HARDENINGRestrict network access to Opcenter Intelligence Tableau Server ports to authorized engineering and administrative workstations only

CVEs (5)

CVE-2022-22127 CVE-2022-22128 CVE-2023-46604 CVE-2025-26494 CVE-2025-26495

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/af639612-fe87-4036-9ee8-42d71caf3be3