Privilege Escalation and Database Operation Bypass in Siemens COMOS

Privilege Escalation and Database Operation Bypass in Siemens COMOS

CVE-2013-4943 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access.

Learn more about our User Device Pen Test.