CVE-2025-34142: CWE-611 Improper Restriction of XML External Entity Reference in ETQ Reliance CG (legacy)
An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy) platform within the `/resources/sessions/sso` endpoint. The SAML authentication handler processes XML input without disabling external entity resolution, allowing crafted SAML responses to invoke external entity references. This could enable attackers to retrieve sensitive files or perform server-side request forgery (SSRF). The issue was addressed by disabling external entity processing for the affected XML parser in versions SE.2025.1 and 2025.1.2.
AI Analysis
Technical Summary
CVE-2025-34142 is an XML External Entity (XXE) injection vulnerability identified in the ETQ Reliance CG (legacy) platform, specifically within the `/resources/sessions/sso` endpoint that handles SAML authentication. The vulnerability arises because the XML parser used in processing SAML responses does not disable external entity resolution, allowing attackers to craft malicious XML input that references external entities. This improper restriction of XML external entity references (CWE-611) can be exploited to perform unauthorized actions such as reading sensitive files from the server or conducting server-side request forgery (SSRF) attacks. SSRF can be leveraged to make the server initiate requests to internal or external systems, potentially bypassing network controls or accessing internal services. The vulnerability affects all versions of the legacy ETQ Reliance CG platform prior to the patched releases SE.2025.1 and 2025.1.2, where external entity processing was disabled in the XML parser to mitigate this risk. The CVSS 4.0 base score of 6.9 (medium severity) reflects the network attack vector, low complexity, no privileges or user interaction required, and limited impact on confidentiality and integrity. However, the vulnerability's exploitation could lead to sensitive data disclosure and indirect impacts on system integrity through SSRF. No known exploits are currently reported in the wild, but the nature of the vulnerability makes it a significant concern for organizations using this platform for SAML-based single sign-on (SSO) authentication, as it could undermine authentication security and expose internal resources.
Potential Impact
For European organizations using ETQ Reliance CG (legacy), this vulnerability poses a risk of unauthorized disclosure of sensitive information and potential internal network reconnaissance or exploitation via SSRF. Given that ETQ Reliance is often used in regulated industries such as manufacturing, life sciences, and quality management, exposure of confidential operational or compliance data could lead to regulatory penalties under GDPR and damage to reputation. The SAML authentication context means that successful exploitation could also compromise authentication flows, potentially allowing attackers to bypass access controls or escalate privileges indirectly. The SSRF aspect could be leveraged to pivot attacks into internal networks, which is particularly concerning for organizations with segmented or sensitive internal environments. The medium severity rating suggests that while the vulnerability is not trivially exploitable for full system compromise, the potential for data leakage and indirect attacks warrants prompt attention. European entities with legacy deployments that have not applied the patches remain vulnerable, especially if their ETQ Reliance CG instances are exposed to untrusted networks or integrated with external identity providers.
Mitigation Recommendations
Organizations should immediately verify their ETQ Reliance CG (legacy) platform version and apply the patches SE.2025.1 or 2025.1.2 that disable external entity processing in the XML parser. If patching is not immediately feasible, consider implementing network-level controls to restrict inbound access to the `/resources/sessions/sso` endpoint to trusted identity providers and internal systems only. Employ Web Application Firewalls (WAFs) with custom rules to detect and block XML payloads containing external entity declarations or suspicious SAML responses. Conduct thorough logging and monitoring of SAML authentication requests to detect anomalous patterns indicative of exploitation attempts. Additionally, review and harden XML parser configurations across the environment to ensure external entity resolution is disabled wherever XML input is processed. Finally, perform security assessments and penetration tests focusing on SAML authentication flows to validate the effectiveness of mitigations and detect any residual weaknesses.
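As an added illustration of the parser hardening and detection recommended above (example code written for this page, not ETQ's own code), the following Python shows how a SAML consumer or WAF-style filter can refuse any SAMLResponse that carries a DOCTYPE, entity declaration or external entity reference before the XML reaches the application parser. The sample messages, namespace check and function names are constructed assumptions; a real consumer would also validate the response signature.

```python
import base64
import xml.etree.ElementTree as ET
import xml.parsers.expat

def reject_dtd(xml_bytes: bytes) -> None:
    # Pre-scan with expat and abort on any DOCTYPE or entity declaration. A genuine
    # SAML Response never carries a DTD, so reject the whole message, don't filter it.
    parser = xml.parsers.expat.ParserCreate()
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise ValueError(f"DOCTYPE not permitted in SAML response: {name}")

    def on_entity_decl(*_args):
        raise ValueError("entity declaration not permitted in SAML response")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = lambda *_args: 0  # 0 = refuse to resolve
    parser.Parse(xml_bytes, True)

def parse_saml_response(saml_response_b64: str) -> ET.Element:
    # Decode a POST-binding SAMLResponse and parse it only after the DTD check passes;
    # signature validation would follow in a real consumer.
    raw = base64.b64decode(saml_response_b64, validate=True)
    reject_dtd(raw)
    root = ET.fromstring(raw)
    if root.tag != "{urn:oasis:names:tc:SAML:2.0:protocol}Response":
        raise ValueError(f"unexpected root element {root.tag}")
    return root

def is_safe_saml_response(saml_response_b64: str) -> bool:
    # WAF-style accept/reject decision: True only if the message parses cleanly.
    try:
        parse_saml_response(saml_response_b64)
        return True
    except (ValueError, ET.ParseError, xml.parsers.expat.ExpatError):
        return False

# Constructed samples (not real traffic): a minimal benign Response, and one that
# declares an external entity of the kind the advisory describes.
BENIGN_B64 = base64.b64encode(
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'ID="_constructed-1" Version="2.0"><samlp:Status/></samlp:Response>'
).decode()
DTD_B64 = base64.b64encode(
    b'<?xml version="1.0"?><!DOCTYPE samlp:Response [<!ENTITY ext SYSTEM "file:///dev/null">]>'
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">&ext;</samlp:Response>'
).decode()
```

Logging the rejection reason from `reject_dtd` alongside the source IP gives the anomalous-pattern signal the monitoring recommendation calls for.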
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulnCheck
- Date Reserved: 2025-04-15T19:15:22.563Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 687f881fa83201eaac1c0ec3
Added to database: 7/22/2025, 12:46:23 PM
Last enriched: 7/22/2025, 1:01:55 PM
Last updated: 7/22/2025, 8:12:36 PM