Security analyst Stephan Sekula discovered an XML External Entity (XXE) vulnerability in ACTICO Workplace, which allows an attacker to read arbitrary files on the system.
In this second part, we demonstrate how a Cyber Resilience Act (CRA) assessment is performed in practice. Using a low-cost IP camera as an example, we…