Details of VAR-201308-0304

ID

VAR-201308-0304

CVE

CVE-2013-4943

TITLE

Siemens COMOS Vulnerabilities in which privileges can be obtained in client applications

Trust: 0.8

sources: JVNDB: JVNDB-2013-003691

DESCRIPTION

The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access. Siemens COMOS is a factory management software developed by Siemens. The following products are affected by this vulnerability: COMOS 9.1 prior to COMOS 9.1 LyraUpdate458 (Update 458) prior to COMOS 9.2 V092_Upd06_Patch037 (9.2.0.6.37) Prior to COMOS 10.0 V100_SP03_Patch019 (10.0.3.0.19). Siemens COMOS is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges, which may aid in further attacks. The software enables the holistic design and management of plant and machinery assets throughout their lifecycle

Trust: 2.7

sources: NVD: CVE-2013-4943 // JVNDB: JVNDB-2013-003691 // CNVD: CNVD-2013-12160 // BID: 61704 // IVD: cac38c3c-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-64945

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: cac38c3c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-12160

AFFECTED PRODUCTS

vendor:	siemens	model:	comos	scope:	eq	version:	9.2	Trust: 1.6
vendor:	siemens	model:	comos	scope:	eq	version:	10.0	Trust: 1.6
vendor:	siemens	model:	comos	scope:	eq	version:	9.1	Trust: 1.6
vendor:	siemens	model:	comos	scope:	eq	version:	9.2.0.6.37	Trust: 0.8
vendor:	siemens	model:	comos	scope:	lt	version:	9.2	Trust: 0.8
vendor:	siemens	model:	comos	scope:	eq	version:	10.0.3.0.19	Trust: 0.8
vendor:	siemens	model:	comos	scope:	lt	version:	10.0	Trust: 0.8
vendor:	siemens	model:	comos	scope:	eq	version:	10.x	Trust: 0.6
vendor:	siemens	model:	comos	scope:	eq	version:	9.x	Trust: 0.6
vendor:	comos	model:	-	scope:	eq	version:	9.1	Trust: 0.2
vendor:	comos	model:	-	scope:	eq	version:	9.2	Trust: 0.2
vendor:	comos	model:	-	scope:	eq	version:	10.0	Trust: 0.2

sources: IVD: cac38c3c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-12160 // JVNDB: JVNDB-2013-003691 // CNNVD: CNNVD-201308-135 // NVD: CVE-2013-4943

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-4943
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-4943
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-12160
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201308-135
value:	HIGH
Trust: 0.6
IVD:	cac38c3c-2352-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-64945
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-4943
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-12160
severity:	MEDIUM
baseScore:	6.6
vectorString:	AV:L/AC:M/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	2.7
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	cac38c3c-2352-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	6.6
vectorString:	AV:L/AC:M/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	2.7
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-64945
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: cac38c3c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-12160 // VULHUB: VHN-64945 // JVNDB: JVNDB-2013-003691 // CNNVD: CNNVD-201308-135 // NVD: CVE-2013-4943

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-64945 // JVNDB: JVNDB-2013-003691 // NVD: CVE-2013-4943

THREAT TYPE

local

Trust: 0.9

sources: BID: 61704 // CNNVD: CNNVD-201308-135

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201308-135

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003691

PATCH

title:	SSA-970879	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-970879.pdf	Trust: 0.8
title:	Patch for Siemens COMOS Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/38163	Trust: 0.6

sources: CNVD: CNVD-2013-12160 // JVNDB: JVNDB-2013-003691

EXTERNAL IDS

db:	NVD	id:	CVE-2013-4943	Trust: 3.6
db:	SIEMENS	id:	SSA-970879	Trust: 2.3
db:	BID	id:	61704	Trust: 1.0
db:	CNNVD	id:	CNNVD-201308-135	Trust: 0.9
db:	CNVD	id:	CNVD-2013-12160	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-003691	Trust: 0.8
db:	SECUNIA	id:	54390	Trust: 0.6
db:	IVD	id:	CAC38C3C-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-64945	Trust: 0.1

sources: IVD: cac38c3c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-12160 // VULHUB: VHN-64945 // BID: 61704 // JVNDB: JVNDB-2013-003691 // CNNVD: CNNVD-201308-135 // NVD: CVE-2013-4943

REFERENCES

url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-970879.pdf	Trust: 2.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4943	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4943	Trust: 0.8
url:	http://www.secunia.com/advisories/54390/	Trust: 0.6
url:	http://subscriber.communications.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2013-12160 // VULHUB: VHN-64945 // BID: 61704 // JVNDB: JVNDB-2013-003691 // CNNVD: CNNVD-201308-135 // NVD: CVE-2013-4943

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 61704

SOURCES

db:	IVD	id:	cac38c3c-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-12160
db:	VULHUB	id:	VHN-64945
db:	BID	id:	61704
db:	JVNDB	id:	JVNDB-2013-003691
db:	CNNVD	id:	CNNVD-201308-135
db:	NVD	id:	CVE-2013-4943

LAST UPDATE DATE

2024-08-14T15:14:03.318000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-12160	date:	2013-08-13T00:00:00
db:	VULHUB	id:	VHN-64945	date:	2013-08-13T00:00:00
db:	BID	id:	61704	date:	2013-08-09T00:00:00
db:	JVNDB	id:	JVNDB-2013-003691	date:	2013-08-19T00:00:00
db:	CNNVD	id:	CNNVD-201308-135	date:	2013-08-14T00:00:00
db:	NVD	id:	CVE-2013-4943	date:	2013-08-13T19:50:52.193

SOURCES RELEASE DATE

db:	IVD	id:	cac38c3c-2352-11e6-abef-000c29c66e3d	date:	2013-08-13T00:00:00
db:	CNVD	id:	CNVD-2013-12160	date:	2013-08-13T00:00:00
db:	VULHUB	id:	VHN-64945	date:	2013-08-09T00:00:00
db:	BID	id:	61704	date:	2013-08-09T00:00:00
db:	JVNDB	id:	JVNDB-2013-003691	date:	2013-08-13T00:00:00
db:	CNNVD	id:	CNNVD-201308-135	date:	2013-08-14T00:00:00
db:	NVD	id:	CVE-2013-4943	date:	2013-08-09T19:55:07.257