174 matches found
Design/Logic Flaw
A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...
Design/Logic Flaw
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...
CVE-2023-46601
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...
CVE-2023-46601
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to...
CVE-2023-46601
Summary of CVE-2023-46601 : Siemens COMOS (All versions) is affected by an access control vulnerability in the SQLServer connection path, enabling an attacker to query the database and access information beyond the user’s rights. The issue is described across multiple feeds as an improper access ...
CVE-2023-43505
CVE-2023-43505 affects Siemens COMOS (all versions) with an impaired access-control mechanism on SMB shares, enabling an attacker to access files beyond the user’s rights. The root cause is improper SMB access control in COMOS. Impact is high for confidentiality (C:H) with network access and low ...
CVE-2023-43505
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to...
CVE-2023-43505
A vulnerability has been identified in COMOS All versions. The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to...
CVE-2023-43504
A vulnerability has been identified in COMOS All versions V10.4.4. Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler SEH based buffer overflow. This could allow an attacker to execute arbitrary code on the target...
CVE-2023-43504
Siemens COMOS is affected (all versions
CVE-2023-43504
A vulnerability has been identified in COMOS All versions V10.4.4. Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler SEH based buffer overflow. This could allow an attacker to execute arbitrary code on the target...
CVE-2023-43503
CVE-2023-43503 affects Siemens COMOS (All versions
CVE-2023-43503
A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...
CVE-2023-43503
A vulnerability has been identified in COMOS All versions V10.4.4. Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP...
Siemens Comos 安全漏洞
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. A buffer overflow vulnerability exists in Siemens COMOS, which can be exploited by an...
Siemens COMOS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Comos 安全漏洞
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited...
Siemens Comos 安全漏洞
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited...
Siemens Comos 安全漏洞
COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. A plaintext transfer of sensitive information vulnerability exists in Siemens COMOS. Th...
PT-2023-6873 · Comos · Comos
Name of the Vulnerable Software and Affected Versions: COMOS All versions Description: The issue is related to the implementation of the Server Message Block SMB network protocol in COMOS software, which is used for designing, operating, and maintaining technological installations. It is associat...