CISA has published an advisory on cross-site request forgery, improper neutralization of script-related HTML tags in a web page, and improper input validation vulnerabilities in Siemens XHQ Operations Intelligence products. All versions of the product are affected. Successful exploitation of these vulnerabilities could allow an attacker to read or modify contents of the web application. Siemens recommends users update XHQ Operations Intelligence product line to v6.0.0.2 or later. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
You are here
Related Resources
Jun 18, 2025 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Jun 18, 2025 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
Jun 12, 2025 in Cybersecurity, in Security Preparedness