Siemens has an update available to handle an information disclosure vulnerability in its OZW web server, according to a report with CISA.
Successful exploitation of this remotely exploitable vulnerability, discovered by Maxim Rupp, could allow unauthenticated users to access project files.
The following versions of OZW web server are affected: OZW672 and OZW772: All versions prior to 10.0. Vulnerable versions of OZW web server use predictable path names for project files that legitimately authenticated users have created by using the application’s export function. By accessing a specific uniform resource locator on the web server, a remote attacker could be able to download a project file without prior authentication.
CVE-2019-13941 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.
The product sees use in the commercial facilities and government facilities sectors. It also sees action on a global basis.
No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.
Siemens identified the following specific workarounds and mitigations users can apply to reduce the risk:
As a general security measure Siemens recommends users protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.
For more information refer to SSA-986695.