# XML External Entity (XXE) Vulnerability (CVE-2020-8540)

This document will explain about the **XML External Entity (XXE)** (**CVE-2020-8540**) vulnerability on agent servlet, which was reported by kalimer0x00.

## What was the problem?

The server parses XML input from the agent periodically to process the data. This attack occurs when there is a reference to external entity which might be malicious in the XML file. This may lead to unintended operations and may crash the server.

## How do I fix it?

This was identified and fixed on **07-Mar-2020**. This fix is updated in build **10.0.479 and above**. To apply this fix, follow the steps below:

1. Login to your Desktop Central console, click on your current build number on the top-right corner.
2. Download the latest build that is applicable to you.

**Keywords:** Security Updates, XML External Entity, XXE, Vulnerabilities and Fixes.