CVE-2023-43505

Name of the Vulnerable Software and Affected Versions COMOS (All versions)

Description The issue is related to the implementation of the Server Message Block (SMB) network protocol in COMOS software, which is used for designing, operating, and maintaining technological installations. It is associated with inadequate access control. Exploitation of this issue could allow a remote attacker to impact the confidentiality and integrity of data. The affected application lacks proper access controls in SMB shares, which could enable an attacker to access files that the user should not have access to.

Recommendations For COMOS (All versions), ensure proper access controls are implemented for SMB shares to prevent unauthorized access to files. As a temporary workaround, consider restricting access to SMB shares until a patch is available. Additionally, review and adjust file permissions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.