Munich, Germany-based Siemens created a patch to mitigate a privilege escalation vulnerability in its COMOS database application, according to a report on ICS-CERT. Siemens self reported the vulnerability.
The following Siemens COMOS versions suffer from the issue:
• All COMOS versions prior to 9.1
• COMOS 9.1: all versions prior to LyraUpdate458 (Update 458)
• COMOS 9.2: all versions prior to V092_Upd06_Patch037 (188.8.131.52.37)
• COMOS 10.0: all versions prior to V100_SP03_Patch019 (10.0.3.0.19)
This vulnerability may allow attackers to escalate their privileges for database access. This could allow compromise of the integrity of the database. The attacker would need local access as an authenticated user to exploit the vulnerability.
COMOS is an object-oriented database system that supports collecting, processing, saving, and distributing information. COMOS works across different engineering domains, including functional engineering of plans and machines, engineering and design, automation and process control planning, and asset and plant management. COMOS offices are in Europe, the Americas, and Asia.
A vulnerability in the client application of COMOS might allow an attacker privilege escalation to the database using the COMOS graphical user interface. This interface is for local authenticated users to access the database through the client application.
CVE-2013-4943 is the number assigned to this vulnerability, which has a CVSS v2 base score of 7.2.
The attacker would need local access as an authenticated user to exploit the vulnerability. No known public exploits specifically target this vulnerability, however, an attacker with a low skill would be able to exploit this vulnerability.
Siemens provides the following updates for COMOS Versions 9.1, 9.2, and 10.0 that resolves this vulnerability:
• COMOS v9.1 use patch LyraUpdate458 (Update 458)
• COMOS v9.2 use patch V092_Upd06_Patch037 (184.108.40.206.37)
• COMOS v10.0 use patch V100_SP03_Patch019 (10.0.3.0.19).
Click here for the available updates at the Siemens customer support site.
For further information, please find a description and release notes in the Siemens Security Advisory.