Unknown · Grassmarlin · CVE-2026-6807
**Name of the Vulnerable Software and Affected Versions**
GRASSMARLIN versions prior to 3.2.1
GRASSMARLIN version 3.2.1
**Description**
The XML parsing process is insufficiently hardened, which results in improper handling of XML input. Crafted session data, specifically within session files (.gm3), can trigger XML External Entity (XXE) injection, a technique in which an application processes external entities within an XML document to access unauthorized data. This flaw can lead to the unintended exposure of sensitive information, including the extraction of credentials and arbitrary documents such as SSH keys, which may facilitate lateral movement within industrial networks.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
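
With no fixed release listed, one interim check is to screen .gm3 files for the DTD constructs that XXE depends on before they are opened in GRASSMARLIN. The following is an added example, not code from GRASSMARLIN or from this advisory; the function names are hypothetical, and it assumes a session file is either a ZIP container of XML documents or a single XML document, and that legitimate sessions carry no DOCTYPE or ENTITY declarations.

```python
import io
import re
import sys
import zipfile

# DTD constructs that XXE depends on. Assumption: legitimate session XML needs
# neither, so any hit (even inside a comment or CDATA) is treated as suspect.
DTD_MARKERS = re.compile(rb"<!\s*(DOCTYPE|ENTITY)\b", re.IGNORECASE)
MAX_MEMBER = 64 * 1024 * 1024  # skip members declared larger than 64 MiB


def scan_xml_bytes(name, data):
    """Return one finding per DOCTYPE/ENTITY declaration in one XML document."""
    # Dropping NUL bytes lets the ASCII pattern also match UTF-16/UTF-32 text,
    # so re-encoding the document does not hide the declaration.
    flat = data.replace(b"\x00", b"")
    return [f"{name}: {m.group(1).decode().upper()} declaration"
            for m in DTD_MARKERS.finditer(flat)]


def scan_session(blob):
    """Scan a .gm3 session (bytes): a ZIP of XML members or a bare XML file."""
    if not zipfile.is_zipfile(io.BytesIO(blob)):
        return scan_xml_bytes("<session>", blob)
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_MEMBER:
                findings.append(f"{info.filename}: too large to scan, review manually")
                continue
            findings.extend(scan_xml_bytes(info.filename, zf.read(info)))
    return findings


if __name__ == "__main__":
    # Usage: python scan_gm3.py capture1.gm3 capture2.gm3 (file names are examples)
    hits = []
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            hits += [f"{path}: {h}" for h in scan_session(fh.read())]
    print("\n".join(hits) or "no DTD constructs found")
    sys.exit(1 if hits else 0)
```

A finding means the file should be quarantined rather than opened; the scan is a screening step and does not replace a parser configured with DTD processing disabled.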