CVE-2023-43505
CVE-2023-43505
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.6EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in SMB shares. This could allow an attacker to access files that the user should not have access to.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:P/RL:O/RC:C
Affected products
Siemens · COMOSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →