
CVE-2025-34142: CWE-611 Improper Restriction of XML External Entity Reference in ETQ Reliance CG (legacy)

Severity: Medium
Type: Vulnerability
Tags: cve, cve-2025-34142, cwe-611
Published: Tue Jul 22 2025 (07/22/2025, 12:31:58 UTC)
Source: CVE Database V5
Vendor/Project: ETQ
Product: Reliance CG (legacy)

Description

An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy) platform within the `/resources/sessions/sso` endpoint. The SAML authentication handler processes XML input without disabling external entity resolution, allowing crafted SAML responses to invoke external entity references. This could enable attackers to retrieve sensitive files or perform server-side request forgery (SSRF). The issue was addressed by disabling external entity processing for the affected XML parser in versions SE.2025.1 and 2025.1.2.

AI-Powered Analysis

Last updated: 11/04/2025, 22:36:53 UTC

Technical Analysis

CVE-2025-34142 identifies an XML External Entity (XXE) vulnerability in the ETQ Reliance CG (legacy) platform, specifically within the SAML authentication handler endpoint `/resources/sessions/sso`. The vulnerability stems from improper restriction of XML external entity references (CWE-611): the XML parser processes input without disabling external entity resolution. This allows an attacker to submit a crafted SAML response containing malicious external entity references. Exploitation can lead to unauthorized disclosure of sensitive files on the server, such as configuration or credential files, or enable server-side request forgery (SSRF) attacks that can be used to pivot within internal networks or access restricted resources. The vulnerability affects all versions of ETQ Reliance CG legacy prior to SE.2025.1 and 2025.1.2, where the vendor addressed the issue by disabling external entity processing in the XML parser. The CVSS 4.0 base score of 6.9 reflects a medium severity rating, with an attack vector that is network-based, requiring no privileges or user interaction, but with limited impact on confidentiality and integrity. No public exploits are currently known, but the vulnerability represents a significant risk due to the sensitive nature of SAML authentication processes and the potential for data exfiltration or internal network reconnaissance. Organizations relying on this platform should urgently apply vendor patches and review XML parsing configurations to prevent exploitation.

Potential Impact

For European organizations, this vulnerability could lead to unauthorized access to sensitive information, including authentication tokens, configuration files, or internal network resources, potentially compromising confidentiality and integrity. Given that ETQ Reliance CG is used in quality, compliance, and risk management workflows, exploitation could disrupt critical business processes and regulatory compliance efforts, especially in sectors like manufacturing, pharmaceuticals, and finance. The SSRF capability could allow attackers to pivot into internal networks, increasing the risk of lateral movement and further compromise. The medium severity rating indicates a moderate but tangible risk, particularly for organizations with exposed or internet-facing SAML endpoints. Failure to remediate could result in data breaches, regulatory penalties under GDPR, and reputational damage. The absence of known exploits in the wild provides a window for proactive defense, but the ease of exploitation without authentication underscores the urgency of mitigation.

Mitigation Recommendations

European organizations should immediately upgrade ETQ Reliance CG legacy installations to versions SE.2025.1 or 2025.1.2 where the vulnerability is patched. In parallel, administrators should disable external entity processing in all XML parsers used within the SAML authentication workflows, ensuring that XML input is securely parsed with entity resolution disabled or sandboxed. Implement strict input validation and schema validation for all SAML responses to detect and reject malformed or unexpected XML content. Network segmentation should be enforced to limit the ability of compromised systems to perform SSRF attacks against internal resources. Monitoring and logging of SAML authentication requests should be enhanced to detect anomalous patterns indicative of exploitation attempts. If patching is delayed, consider deploying Web Application Firewalls (WAFs) with custom rules to block XML payloads containing external entity declarations. Regular security assessments and penetration testing focusing on XML processing components are recommended to identify residual risks.
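The "reject XML that carries entity declarations" recommendation above can be enforced in front of the SAML handler by parsing rather than pattern matching. The following is an added example, not ETQ's fix or code from this page: it assumes the `SAMLResponse` value arrives base64-encoded as in the SAML HTTP-POST binding, uses Python's expat parser as a stand-in, and the function names and sample documents are constructed for illustration.

```python
import base64
import binascii
from xml.parsers import expat

# Constructed sample documents (not captured traffic).
PLAIN = (b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
         b'ID="_constructed" Version="2.0"><samlp:Status/></samlp:Response>')
WITH_DTD = (b'<!DOCTYPE Response [<!ENTITY e "constructed">]>'
            b'<Response>&e;</Response>')
TRUNCATED = b'<Response><Status>'


class DtdPresent(Exception):
    """Raised as soon as the parser reaches a DOCTYPE declaration."""


def _on_doctype(name, system_id, public_id, has_internal_subset):
    # SAML messages never need a DTD, so stop before any entity is declared.
    raise DtdPresent(name)


def check_saml_response(form_value: str) -> str:
    """Classify a SAMLResponse form value: 'ok', 'reject-dtd' or 'reject-malformed'."""
    try:
        xml_bytes = base64.b64decode(form_value, validate=True)
    except (binascii.Error, ValueError):
        return "reject-malformed"
    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = _on_doctype
    # No ExternalEntityRefHandler is installed, so this parser fetches nothing.
    try:
        parser.Parse(xml_bytes, True)
    except DtdPresent:
        return "reject-dtd"
    except expat.ExpatError:
        return "reject-malformed"
    return "ok"


def encode(xml_bytes: bytes) -> str:
    """Base64-encode a document the way the form field carries it."""
    return base64.b64encode(xml_bytes).decode("ascii")


if __name__ == "__main__":
    for label, doc in (("plain", PLAIN), ("dtd", WITH_DTD), ("truncated", TRUNCATED)):
        print(label, check_saml_response(encode(doc)))
```

Logging every `reject-dtd` verdict with the source address also gives the monitoring signal the paragraph above asks for, since legitimate identity providers do not send DTDs.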


Technical Details

Data Version: 5.1
Assigner Short Name: VulnCheck
Date Reserved: 2025-04-15T19:15:22.563Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 687f881fa83201eaac1c0ec3

Added to database: 7/22/2025, 12:46:23 PM

Last enriched: 11/4/2025, 10:36:53 PM

Last updated: 12/3/2025, 7:25:25 AM

