Local Code Execution Vulnerabilities in COMOS Before V10.5
Plan Patch · 7.8 · SSA-659443 · Aug 13, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
COMOS before version 10.5 contains two local code execution vulnerabilities in the integrated Open Design Alliance Drawings SDK. Exploiting these requires local access to an engineering workstation and user interaction, such as opening a malicious design file. Successful exploitation allows an attacker to run arbitrary code with the privileges of the logged-in user.
What this means
What could happen
An attacker with local access to an engineering workstation running COMOS could execute arbitrary code with the privileges of the logged-in user, potentially gaining control over process configurations, alarming, or reporting systems.
Who's at risk
Siemens COMOS users who manage process automation, plant design, or engineering documentation. This affects engineering workstations and planning systems in water treatment plants, chemical plants, refineries, and power generation facilities that rely on COMOS for plant modeling and control system configuration.
How it could be exploited
An attacker must have local access to a COMOS workstation and trick a user into opening a malicious design file (e.g., delivered via email or USB). When the user opens the file, a vulnerability in the embedded Open Design Alliance Drawings SDK is triggered, allowing code execution on that workstation.
Prerequisites
- Local access to the engineering workstation
- User interaction required (opening a malicious file)
- COMOS version before 10.5 installed
Tags: requires user interaction · local access only · affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
COMOS | < V10.5 | 10.5
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update COMOS to version 10.5 or later
CVEs (2)