Malicious code in comos-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee12368f5942eae69ed49370445277dace5431f4ded5556b51dcd1ef34bd4b4a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5405 Malicious code in comos-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee12368f5942eae69ed49370445277dace5431f4ded5556b51dcd1ef34bd4b4a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview comos-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Siemens COMOS has multiple vulnerabilities

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...

CVE-2023-43503

A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...

CVE-2025-40800

A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, NX V2412 All versions V2412.8700, NX V2506 All versions V2506.6000, Simcenter 3D All versions V2506.6000, Simcenter Femap All versions V2506.0002, Solid Edge SE2025 All versions V225.0 Updat...

CVE-2025-40801

A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, JT Bi-Directional Translator for STEP All versions, NX V2412 All versions V2412.8900 with Cloud Entitlement bundled as NX X, NX V2506 All versions V2506.6000 with Cloud Entitlement bundled a...

CVE-2025-40800

A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, NX V2412 All versions V2412.8700, NX V2506 All versions V2506.6000, Simcenter 3D All versions V2506.6000, Simcenter Femap All versions V2506.0002, Solid Edge SE2025 All versions V225.0 Updat...

CVE-2025-40800

A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, NX V2412 All versions V2412.8700, NX V2506 All versions V2506.6000, Simcenter 3D All versions V2506.6000, Simcenter Femap All versions V2506.0002, Solid Edge SE2025 All versions V225.0 Updat...

CVE-2025-40800

CVE-2025-40800 affects Siemens products including COMOS, NX, Simcenter 3D/Femap, and Solid Edge. The IAM client in these products fails to validate server certificates when establishing TLS connections to the authorization server, enabling potential man-in-the-middle attacks. Affected versions in...

Siemens多款产品 信任管理问题漏洞

Siemens NX and others are products of Siemens, a German company.Siemens NX is Siemens COMOS is a process industry operations management software.Siemens JT Bi-Directional Translator for STEP is a data conversion tool. A trust management issue vulnerability exists in various Siemens products that...

Siemens多款产品 信任管理问题漏洞

Siemens Simcenter Femap and others are products of Siemens, a German company.Siemens Simcenter Femap is a cutting-edge engineering simulation application.Siemens NX is Siemens COMOS is a process industry operations management software. A trust management issue vulnerability exists in various...

PT-2025-49832

Name of the Vulnerable Software and Affected Versions COMOS versions prior to V10.6 NX versions prior to V2412.8700 NX versions prior to V2506.6000 Simcenter 3D versions prior to V2506.6000 Simcenter Femap versions prior to V2506.0002 Solid Edge SE2025 versions prior to V225.0 Update 10 Solid Edg...

Siemens COMOS

SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...

CISA Releases 18 Industrial Control Systems Advisories

CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Altair Grid Engine, COMOS, LOGO, SICAM, SIDOOR, SIMATIC, SIPLUS, Spectrum Power and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...

Siemens COMOS

SUMMARY COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...

EUVD-2013-3859

Malware in sbrugna...

EUVD-2021-23772

Malware in sbrugna...

EUVD-2021-23768

Malware in sbrugna...