Vulnerabilities > CVE-2013-3927 - Local Security Bypass vulnerability in Siemens Comos 10.0/9.2

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

siemens

NVD

Published: 2013-06-18

Updated: 2013-06-19

Summary

Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Comos 9.2 Siemens Comos 10.0	2

References

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-194865.pdf