174 matches found
Siemens Comos Code Issue Vulnerability
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. Siemens COMOS suffers from an XXE injection vulnerability that can be exploited by an...
PT-2024-33656 · Siemens · Comos
Name of the Vulnerable Software and Affected Versions: COMOS V10.3 versions prior to V10.3.3.5.8; COMOS V10.4.0 versions prior to V10.4.4.2; COMOS V10.4.1 versions prior to V10.4.4.2; COMOS V10.4.2 versions prior to V10.4.4.2; COMOS V10.4.3 versions prior to V10.4.3.0.47; COMOS V10.4.4 versions prior ...
Siemens COMOS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens COMOS Access Control Error Vulnerability (CNVD-2023-86339)
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited...
The vulnerability of the ptmcast.exe executable software used for designing, operating, and maintaining technological installations like COMOS allows a perpetrator to compromise data confidentiality and integrity.
The vulnerability of the ptmcast.exe executable software used for the design, operation, and maintenance of COMOS technological installations lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to compromise the...
Siemens COMOS Buffer Overflow Vulnerability (CNVD-2023-86341)
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. A buffer overflow vulnerability exists in Siemens COMOS, which can be exploited by an...
Siemens COMOS Access Control Error Vulnerability
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited...
Siemens COMOS Sensitive Information Plaintext Transfer Vulnerability
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. A plaintext transfer of sensitive information vulnerability exists in Siemens COMOS. Th...
The vulnerability of the Server Message Block (SMB) network protocol software used in the design, operation, and maintenance of COMOS technical installations stems from a lack of access control mechanisms. This allows attackers to compromise data confidentiality and integrity.
The vulnerability of the Server Message Block (SMB) network protocol software used for designing, operating, and maintaining technological installations like COMOS is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise data...
The vulnerability of the software for designing, operating, and maintaining COMOS technological installations lies in the transfer of accounting data in unencrypted form, allowing a perpetrator to gain access to configuration data.
The vulnerability of COMOS’ software for the design, operation, and maintenance of technological installations lies in the transfer of accounting data in an unencrypted form. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to configuration data...
The vulnerability of the software for the design, operation, and maintenance of COMOS technological installations stems from a lack of access control measures, allowing attackers to compromise data confidentiality and integrity.
The vulnerability of COMOS’ software for the design, operation, and maintenance of technological installations is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of data...
CVE-2023-46601
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...
CVE-2023-43504
A vulnerability has been identified in COMOS All versions V10.4.4. Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target...
CVE-2023-43505
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to...
CVE-2023-43503
A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...
Design/Logic Flaw
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to...
Design/Logic Flaw
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...