Medium
Siemens Teamcenter is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly configured XML parser. By persuading a victim to use specially-crafted XML content, a remote attacker could exploit this vulnerability to read arbitrary files.
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.