Unrated severityNVD Advisory· Published Nov 14, 2023· Updated Dec 16, 2025

CVE-2023-46590

Description

A vulnerability has been identified in Siemens OPC UA Modelling Editor (SiOME) (All versions < V2.8). Affected products suffer from a XML external entity (XXE) injection vulnerability. This vulnerability could allow an attacker to interfere with an application's processing of XML data and read arbitrary files in the system.

Affected products

Siemens Foundation/OPC UA Modelling Editor (SiOME)llm-create2 versions
< V2.8+ 1 more
- (no CPE)range: < V2.8
- (no CPE)range: All versions < V2.8

Patches

Vulnerability mechanics

References

cert-portal.siemens.com/productcert/pdf/ssa-197270.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000