PatchSiren

CVE-2016-8348 Emerson CVE debrief

CVE-2016-8348 is a critical XML External Entity (XXE) vulnerability affecting Emerson Liebert SiteScan Web version 6.5 and earlier. According to the NVD record, a weakly configured XML parser can be abused through malicious input, which may expose server or connected network file contents and can also lead to arbitrary code execution.

Vendor: Emerson
Product: CVE-2016-8348
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-13
Original CVE updated: 2026-05-13
Advisory published: 2017-02-13
Advisory updated: 2026-05-13

Who should care

Operators and defenders responsible for Emerson Liebert SiteScan Web deployments, especially environments exposing the application to network access or using it in operational/industrial settings. Because the issue is network-reachable and does not require privileges or user interaction, it deserves immediate review in any affected installation.

Technical summary

The NVD classifies this issue as CWE-611 (improper restriction of XML external entity reference) with CVSS 3.0 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerable CPE range in the record covers Emerson Liebert SiteScan Web through version 6.5. The public advisory references indicate mitigation guidance was published by ICS-CERT (ICSA-16-334-01).

Defensive priority

High. The combination of remote attack surface, no privileges, no user interaction, and high confidentiality/integrity/availability impact makes this a priority remediation item for any exposed or still-supported deployment.

Recommended defensive actions

  • Apply the vendor-provided remediation guidance referenced by ICS-CERT for affected Liebert SiteScan Web deployments.
  • Harden XML parsing by disabling external entity resolution and related unsafe parser features wherever the application or deployment allows it.
  • Restrict network access to the SiteScan Web application to trusted management segments and administrative hosts only.
  • Review logs and surrounding system activity for unusual XML requests, unexpected outbound entity resolution, or abnormal file access patterns.
  • Confirm whether any affected instances are still running version 6.5 or earlier, and plan an upgrade or replacement path if they are.
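
The parser-hardening and log-review actions above can be backed by a pre-parse gate that flags any XML body carrying a DOCTYPE or entity declaration before it reaches the application. The sketch below is an added example, not code from Emerson, ICS-CERT or this advisory; the function names and sample bodies are constructed, and it assumes request bodies are available to a proxy or log-review script in front of SiteScan Web.

```python
from xml.parsers import expat

# Constructed sample request bodies (not taken from the product or the advisory).
BENIGN = b'<?xml version="1.0"?><reading><sensor>rack-1</sensor></reading>'
WITH_ENTITY = (
    b'<?xml version="1.0"?>'
    b'<!DOCTYPE reading [<!ENTITY probe SYSTEM "http://placeholder.invalid/resource">]>'
    b'<reading><sensor>&probe;</sensor></reading>'
)


def inspect_xml(body: bytes) -> list:
    """Return (kind, detail) findings for DTD features found in one XML body.

    No ExternalEntityRefHandler is installed, so expat only reports the
    declarations here and never fetches the external resource.
    """
    findings = []
    parser = expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(("doctype", name))
        if system_id:  # DOCTYPE points at an external DTD subset
            findings.append(("external-dtd", system_id))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if value is None:  # no literal value: the entity refers to an external resource
            findings.append(("external-entity", system_id))
        else:
            findings.append(("internal-entity", name))

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    try:
        parser.Parse(body, True)
    except expat.ExpatError as exc:
        # Malformed input is also worth a log line; earlier findings are kept.
        findings.append(("malformed", str(exc)))
    return findings


def accept(body: bytes) -> bool:
    """Strict policy: pass only bodies with no DTD features and no parse errors."""
    return not inspect_xml(body)


if __name__ == "__main__":
    for label, body in (("benign", BENIGN), ("with entity", WITH_ENTITY)):
        print(label, accept(body), inspect_xml(body))
```

Rejecting every DOCTYPE is stricter than disabling external entities alone; it suits interfaces that have no legitimate need for DTDs.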

Evidence notes

NVD identifies the issue as an XXE flaw (CWE-611) in Emerson Liebert SiteScan Web through version 6.5, with CVSS 3.0 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The supplied references include the ICS-CERT advisory ICSA-16-334-01 and SecurityFocus BID 94587, both consistent with a publicly documented mitigation trail. The CVE was published on 2017-02-13 and the NVD record was last modified on 2026-05-13.

Official resources

Publicly disclosed in the CVE record on 2017-02-13. The NVD entry was last modified on 2026-05-13. Public reference material in the record points to ICS-CERT advisory ICSA-16-334-01 and SecurityFocus BID 94587.