Database Privilege Escalation in Siemens COMOS Software
CVE-2013-6840

Currently unrated

Key Information:

Vendor: Siemens
Status: Comos
Vendor: CVE Published:; 10 December 2013

What is CVE-2013-6840?

Siemens COMOS versions prior to 9.2.0.8.1, 10.0 versions before 10.0.3.1.40, and 10.1 versions before 10.1.0.0.2 are susceptible to a local user vulnerability that enables unauthorized database access through unknown channels. This weakness allows local users to elevate their privileges, potentially compromising the integrity and confidentiality of the database. Users are urged to apply necessary updates to mitigate this risk.

References

http://www.securityfocus.com/bid/64153

vdb-entryx_refsource_BID

http://secunia.com/advisories/56010

third-party-advisoryx_refsource_SECUNIA

https://www.siemens.com/innovation/pool/de/forschungsfeld...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2013
Vulnerability Reserved
Nov 21, 2013