Siemens COMOS

SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...

EUVD-2012-2987

Malware in sbrugna...

The vulnerabilities of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the software for designing, operating, and maintaining technological installations like COMOS, allow attackers to execute XXE attacks.

The vulnerability of the Generic Data Mapper, Engineering Adapter, and Engineering Interface modules of the COMOS software for designing, operating, and maintaining technological installations is related to a bug that restricts XML references to external objects. Exploiting this vulnerability cou...

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in Scalance, among others, TIA, SiPass, SIMATIC, COMOS, Brownfield, JT Open Toolkit, Mendix, RuggedCom and Solid Edge. The vulnerabilities would allow a malicious potentially able to launch attacks that result in the following categories of damage:...