OZW672 and OZW772 Web Server versions < 10.00 contain a vulnerability that could allow unauthenticated users to access project files under certain conditions.
Siemens has released Version 10.00 that fixes the vulnerability and recommends to update all web servers.
As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.
OZW devices (web servers) are used for remote monitoring of building controller devices, e.g. for monitoring of heating control or of air condition.
An additional classification has been performed using the CWE classification, a community-developed list of common software security weaknesses. This serves as a common language and as a baseline for weakness identification, mitigation, and prevention efforts. A detailed list of CWE classes can be found at: https://cwe.mitre.org/.
Vulnerable versions of OZW Web Server use predictable path names for project files that legitimately authenticated users have created by using the application's export function. By accessing a specific uniform resource locator on the web server, a remote attacker could be able to download a project file without prior authentication.
The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected system. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system.