{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-43504","assignerOrgId":"cec7a2ec-15b4-4faf-bd53-b40f371f3a77","state":"PUBLISHED","assignerShortName":"siemens","dateReserved":"2023-09-19T10:00:12.440Z","datePublished":"2023-11-14T11:03:46.350Z","dateUpdated":"2025-01-08T16:40:40.776Z"},"containers":{"cna":{"providerMetadata":{"orgId":"cec7a2ec-15b4-4faf-bd53-b40f371f3a77","shortName":"siemens","dateUpdated":"2023-11-14T11:03:46.350Z"},"descriptions":[{"lang":"en","value":"A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition."}],"affected":[{"vendor":"Siemens","product":"COMOS","versions":[{"version":"All versions < V10.4.4","status":"affected"}],"defaultStatus":"unknown"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","baseScore":9.6,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-120","description":"CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","type":"CWE"}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-137900.pdf"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T19:44:43.059Z"},"title":"CVE Program Container","references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-137900.pdf","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2023-12-09T05:05:53.215753Z","id":"CVE-2023-43504","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-08T16:40:40.776Z"}}]}}