
174 matches found

CNNVD
added 2024/12/10 12:0 a.m., 3 views

Siemens Comos Code Issue Vulnerability

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. Siemens COMOS suffers from an XXE injection vulnerability that can be exploited by an...

CVSS 5.7, AI score 7, EPSS 0.00182
Exploits 0, References 1

Positive Technologies
added 2024/12/10 12:0 a.m., 3 views

PT-2024-33656 · Siemens · Comos

Name of the Vulnerable Software and Affected Versions: COMOS V10.3 versions prior to V10.3.3.5.8; COMOS V10.4.0 versions prior to V10.4.4.2; COMOS V10.4.1 versions prior to V10.4.4.2; COMOS V10.4.2 versions prior to V10.4.4.2; COMOS V10.4.3 versions prior to V10.4.3.0.47; COMOS V10.4.4 versions prior ...

CVSS 5.7, AI score 6.8, EPSS 0.00182
Exploits 0, References 5

CNNVD
added 2024/12/10 12:0 a.m., 4 views

Siemens Comos Code Issue Vulnerability

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. Siemens COMOS suffers from an XXE injection vulnerability that can be exploited by an...

CVSS 5.9, AI score 6.8, EPSS 0.00155
Exploits 0, References 1

ICS
added 2024/08/13 12:0 a.m., 40 views

Siemens COMOS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 7.8, AI score 8.1, EPSS 0.0044
Exploits 0, References 10

CNVD
added 2023/11/15 12:0 a.m., 19 views

Siemens COMOS Access Control Error Vulnerability (CNVD-2023-86339)

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited...

CVSS 9.6, AI score 6.5, EPSS 0.00521
Exploits 0, References 1

BDU FSTEC
added 2023/11/15 12:0 a.m., 7 views

The vulnerability of the ptmcast.exe executable software used for designing, operating, and maintaining technological installations like COMOS allows a perpetrator to compromise data confidentiality and integrity.

The vulnerability of the ptmcast.exe executable software used for the design, operation, and maintenance of COMOS technological installations lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to compromise the...

CVSS 9.6, AI score 7.7, EPSS 0.00851
Exploits 0, References 2, Affected Software 1

CNVD
added 2023/11/15 12:0 a.m., 19 views

Siemens COMOS Buffer Overflow Vulnerability (CNVD-2023-86341)

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. A buffer overflow vulnerability exists in Siemens COMOS, which can be exploited by an...

CVSS 9.8, AI score 8.3, EPSS 0.00851
Exploits 0, References 1

CNVD
added 2023/11/15 12:0 a.m., 22 views

Siemens COMOS Access Control Error Vulnerability

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited...

CVSS 9.6, AI score 6.5, EPSS 0.00516
Exploits 0, References 1

CNVD
added 2023/11/15 12:0 a.m., 21 views

Siemens COMOS Sensitive Information Plaintext Transfer Vulnerability

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. A plaintext transfer of sensitive information vulnerability exists in Siemens COMOS. Th...

CVSS 7.5, AI score 6.3, EPSS 0.00309
Exploits 0, References 1

BDU FSTEC
added 2023/11/15 12:0 a.m., 6 views

The vulnerability of the Server Message Block (SMB) network protocol software used in the design, operation, and maintenance of COMOS technical installations stems from lack of access control mechanisms. This allows attackers to compromise data confidentiality and integrity.

The vulnerability of the Server Message Block (SMB) network protocol software used for designing, operating, and maintaining technological installations like COMOS is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise data...

CVSS 9.6, AI score 6.6, EPSS 0.00516
Exploits 0, References 3

BDU FSTEC
added 2023/11/15 12:0 a.m., 5 views

The vulnerability of the software for designing, operating, and maintaining COMOS technological installations lies in the transfer of accounting data in unencrypted form, allowing a perpetrator to gain access to configuration data.

The vulnerability of COMOS’ software for the design, operation, and maintenance of technological installations lies in the transfer of accounting data in an unencrypted form. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to configuration data...

CVSS 3.5, AI score 7.2, EPSS 0.00309
Exploits 0, References 2, Affected Software 1

BDU FSTEC
added 2023/11/15 12:0 a.m., 7 views

The vulnerability of the software for the design, operation, and maintenance of COMOS technological installations stems from lack of access control measures, allowing attackers to compromise data confidentiality and integrity.

The vulnerability of COMOS’ software for the design, operation, and maintenance of technological installations is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of data...

CVSS 9.6, AI score 7.2, EPSS 0.00521
Exploits 0, References 3

NVD
added 2023/11/14 11:15 a.m., 28 views

CVE-2023-46601

A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...

CVSS 9.6, EPSS 0.00521
Exploits 0, References 1

NVD
added 2023/11/14 11:15 a.m., 16 views

CVE-2023-43504

A vulnerability has been identified in COMOS All versions V10.4.4. Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target...

CVSS 9.8, EPSS 0.00851
Exploits 0, References 1

NVD
added 2023/11/14 11:15 a.m., 17 views

CVE-2023-43505

A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to...

CVSS 9.6, EPSS 0.00516
Exploits 0, References 1

OSV
added 2023/11/14 11:15 a.m., 5 views

CVE-2023-43504

A vulnerability has been identified in COMOS All versions V10.4.4. Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target...

CVSS 9.8, AI score 6.4, EPSS 0.00851
Exploits 0, References 1

OSV
added 2023/11/14 11:15 a.m., 5 views

CVE-2023-43503

A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...

CVSS 7.5, AI score 5.7, EPSS 0.00309
Exploits 0, References 1

NVD
added 2023/11/14 11:15 a.m., 16 views

CVE-2023-43503

A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...

CVSS 7.5, EPSS 0.00309
Exploits 0, References 1

Prion
added 2023/11/14 11:15 a.m., 26 views

Design/Logic Flaw

A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to...

CVSS 4, AI score 6.9, EPSS 0.00516
Exploits 0, References 1

Prion
added 2023/11/14 11:15 a.m., 20 views

Design/Logic Flaw

A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...

CVSS 5, AI score 6.7, EPSS 0.00521
Exploits 0, References 1