CVE-2023-43505
First published: Tue Nov 14 2023(Updated: )
A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens COMOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-43505?
The severity of CVE-2023-43505 is critical with a CVSS score of 9.6.
How does CVE-2023-43505 affect COMOS?
CVE-2023-43505 affects all versions of COMOS by exposing a vulnerability in SMB shares, which can allow unauthorized access to files.
What is the CWE ID for CVE-2023-43505?
The CWE ID for CVE-2023-43505 is 284.
Is there a fix available for CVE-2023-43505?
Yes, Siemens has provided a fix for CVE-2023-43505. Please refer to the provided reference for more information.
Where can I find more information about CVE-2023-43505?
You can find more information about CVE-2023-43505 in the reference provided: https://cert-portal.siemens.com/productcert/pdf/ssa-137900.pdf
- collector/mitre-cve
- collector/nvd-api
- vendor/siemens
- canonical/siemens comos