VAR-201308-0304
Vulnerability from variot - Updated: 2023-12-18 13:44The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access. Siemens COMOS is a factory management software developed by Siemens. The following products are affected by this vulnerability: COMOS 9.1 prior to COMOS 9.1 LyraUpdate458 (Update 458) prior to COMOS 9.2 V092_Upd06_Patch037 (9.2.0.6.37) Prior to COMOS 10.0 V100_SP03_Patch019 (10.0.3.0.19). Siemens COMOS is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges, which may aid in further attacks. The software enables the holistic design and management of plant and machinery assets throughout their lifecycle
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0304",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "comos",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "9.1"
},
{
"model": "comos",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "comos",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "9.2"
},
{
"model": "comos",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "9.2.0.6.37"
},
{
"model": "comos",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "9.2"
},
{
"model": "comos",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "10.0.3.0.19"
},
{
"model": "comos",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "comos",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "10.x"
},
{
"model": "comos",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "9.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "comos",
"version": "9.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "comos",
"version": "9.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "comos",
"version": "10.0"
}
],
"sources": [
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:comos:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:comos:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:comos:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4943"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "61704"
}
],
"trust": 0.3
},
"cve": "CVE-2013-4943",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-4943",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.7,
"id": "CNVD-2013-12160",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.7,
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-64945",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4943",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-12160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201308-135",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-64945",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "VULHUB",
"id": "VHN-64945"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access. Siemens COMOS is a factory management software developed by Siemens. The following products are affected by this vulnerability: COMOS 9.1 prior to COMOS 9.1 LyraUpdate458 (Update 458) prior to COMOS 9.2 V092_Upd06_Patch037 (9.2.0.6.37) Prior to COMOS 10.0 V100_SP03_Patch019 (10.0.3.0.19). Siemens COMOS is prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to gain elevated privileges, which may aid in further attacks. The software enables the holistic design and management of plant and machinery assets throughout their lifecycle",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "BID",
"id": "61704"
},
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-64945"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4943",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-970879",
"trust": 2.3
},
{
"db": "BID",
"id": "61704",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-12160",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "54390",
"trust": 0.6
},
{
"db": "IVD",
"id": "CAC38C3C-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-64945",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "VULHUB",
"id": "VHN-64945"
},
{
"db": "BID",
"id": "61704"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"id": "VAR-201308-0304",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "VULHUB",
"id": "VHN-64945"
}
],
"trust": 0.09
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
}
]
},
"last_update_date": "2023-12-18T13:44:35.662000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-970879",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-970879.pdf"
},
{
"title": "Patch for Siemens COMOS Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/38163"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64945"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "NVD",
"id": "CVE-2013-4943"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-970879.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4943"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4943"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54390/"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "VULHUB",
"id": "VHN-64945"
},
{
"db": "BID",
"id": "61704"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"db": "VULHUB",
"id": "VHN-64945"
},
{
"db": "BID",
"id": "61704"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-13T00:00:00",
"db": "IVD",
"id": "cac38c3c-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-08-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"date": "2013-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-64945"
},
{
"date": "2013-08-09T00:00:00",
"db": "BID",
"id": "61704"
},
{
"date": "2013-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"date": "2013-08-09T19:55:07.257000",
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"date": "2013-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12160"
},
{
"date": "2013-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-64945"
},
{
"date": "2013-08-09T00:00:00",
"db": "BID",
"id": "61704"
},
{
"date": "2013-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003691"
},
{
"date": "2013-08-13T19:50:52.193000",
"db": "NVD",
"id": "CVE-2013-4943"
},
{
"date": "2013-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "61704"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens COMOS Vulnerabilities in which privileges can be obtained in client applications",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201308-135"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…