You are here

Fr. Sauter AG Case Suite (ICSA-18-305-04)

Fr. Sauter AG Case Suite (ICSA-18-305-04)

Created: Friday, November 2, 2018 - 09:22
Categories:
Cybersecurity

The NCCIC has released an advisory on an improper restriction of xml external entity reference vulnerability in Fr. Sauter AG Case Suite. Versions 3.10 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to remotely retrieve unauthorized files from the system. Fr. Sauter AG recommends users apply Service Release 1 for the current CASE Suite Version 3.10. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.