SmartClient Opcenter 13.2-2505: SQL Disclosure in Cockpit Errors
CVE-2024-41983 Published on August 12, 2025

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool.

NVD

Weakness Type

Generation of Error Message Containing Sensitive Information

The software generates an error message that includes sensitive information about its environment, users, or associated data.

Affected Versions

Siemens SmartClient modules Opcenter QL Home (SC):

Version V13.2 and below V2506 is affected.

Siemens SOA Audit:

Version V13.2 and below V2506 is affected.

Siemens SOA Cockpit:

Version V13.2 and below V2506 is affected.

Exploit Probability

EPSS

0.08%

Percentile

24.25%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

SmartClient Opcenter 13.2-2505: SQL Disclosure in Cockpit ErrorsCVE-2024-41983 Published on August 12, 2025

Weakness Type

Generation of Error Message Containing Sensitive Information

Affected Versions

Exploit Probability

SmartClient Opcenter 13.2-2505: SQL Disclosure in Cockpit Errors
CVE-2024-41983 Published on August 12, 2025