Multiple Vulnerabilities in COMOS
Act Now · 10 · SSA-212953 · Dec 9, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Siemens COMOS is affected by multiple critical vulnerabilities (CWE-200, CWE-79, CWE-20, CWE-340, CWE-295) that allow remote attackers to execute arbitrary code, cause denial of service, exfiltrate data, or violate access controls without requiring authentication. The vulnerabilities impact COMOS V10.4 (< 10.4.5), V10.4.5, V10.5 (< 10.5.2), and V10.6 (< 10.6.1). This vulnerability is actively exploited in the wild.
What this means
What could happen
An attacker could execute arbitrary code on COMOS systems, leading to unauthorized control of industrial processes, data theft, or service disruption. This affects all plant operations dependent on COMOS for configuration management and control logic.
Who's at risk
All water authorities and utilities running Siemens COMOS for process automation, equipment configuration, and control logic. This affects organizations using COMOS versions 10.4, 10.4.5, 10.5, or 10.6 for managing PLCs, distributed control systems, and related industrial equipment.
How it could be exploited
An attacker with network access to a COMOS system can send a specially crafted request that exploits one of the multiple vulnerabilities (CWE-200, CWE-79, CWE-20, CWE-340, CWE-295) to execute arbitrary code without authentication. This could be done from an external network or internal segment where COMOS is reachable.
Prerequisites
- Network access to COMOS system on its operational port
- No valid credentials required
- COMOS version 10.4, 10.4.5, 10.5, or 10.6 (below patched versions)
Tags:
- remotely exploitable
- no authentication required
- low complexity
- actively exploited (KEV)
- high EPSS score (39.5%)
- no patch available for V10.4.5
- affects control systems
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (4)
4 with fix
Product | Affected Versions | Fix Status
COMOS V10.4.5 | < 10.4.5.0.2 | 10.4.5
COMOS V10.6 | < 10.6.1 | 10.6.1
COMOS V10.4 | < 10.4.5 | 10.4.5
COMOS V10.5 | < 10.5.2 | 10.5.2
Remediation & Mitigation
Do now
COMOS V10.6
HOTFIX: Update COMOS V10.6 to version 10.6.1 or later
COMOS V10.4
HOTFIX: Update COMOS V10.4 to version 10.4.5 or later
COMOS V10.5
HOTFIX: Update COMOS V10.5 to version 10.5.2 or later
All products
WORKAROUND: Contact Siemens customer support for patch and update information for V10.4.5 systems (no fix available for this version)
HARDENING: Restrict network access to COMOS systems by implementing firewall rules to limit connectivity to only authorized engineering workstations and plant networks
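As an added inventory check (not part of this advisory or of any Siemens tooling), the following Python snippet classifies reported COMOS version strings against the version ranges listed above. It assumes version strings of the form V10.x.y (with optional extra components), and, following the workaround entry, treats every V10.4.5.x install as needing vendor contact rather than an in-place update.

```python
from typing import Dict, Iterable, Tuple

# Fix versions per branch, taken from the remediation entries above.
# Branch key = first two components of the installed version.
FIX_FOR_BRANCH = {
    (10, 4): (10, 4, 5),   # COMOS V10.4 -> update to 10.4.5
    (10, 5): (10, 5, 2),   # COMOS V10.5 -> update to 10.5.2
    (10, 6): (10, 6, 1),   # COMOS V10.6 -> update to 10.6.1
}

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn 'V10.5.1' or '10.4.5.0.1' into a tuple of ints (leading V dropped)."""
    parts = text.strip().lstrip("Vv").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a COMOS version string: {text!r}")
    return tuple(int(p) for p in parts)

def triage(version: str) -> str:
    """Classify one installed version against SSA-212953.

    Returns 'not-listed', 'patched', 'update-to-<ver>' or
    'no-fix-contact-vendor'. Tuples compare lexicographically, so
    (10, 6, 0, 9) < (10, 6, 1) and (10, 4) < (10, 4, 5) as intended.
    """
    v = parse_version(version)
    # V10.4.5.x is its own row above and the page states no fix is available.
    if v[:3] == (10, 4, 5):
        return "no-fix-contact-vendor"
    fix = FIX_FOR_BRANCH.get(v[:2])
    if fix is None:
        return "not-listed"          # e.g. a 10.3 or 11.x install
    if v < fix:
        return "update-to-" + ".".join(map(str, fix))
    return "patched"

def triage_inventory(inventory: Iterable[Tuple[str, str]]) -> Dict[str, str]:
    """Map each (host, version) pair to its triage status."""
    return {host: triage(ver) for host, ver in inventory}

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("eng-ws-01", "V10.5.1"),
    ("eng-ws-02", "10.6.1"),
    ("eng-srv-03", "10.4.5.0.1"),
    ("eng-srv-04", "10.4.3"),
    ("lab-11", "11.0"),
]

if __name__ == "__main__":
    for host, status in triage_inventory(INVENTORY).items():
        print(f"{host:12} {status}")
```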