{"uuid": "b233d666-bb4e-4b78-8a70-6c93107d785f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54005", "type": "seen", "source": "https://t.me/cvedetector/12500", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54005 - \"Siemens COMOS XML External Entity Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-54005 \nPublished : Dec. 10, 2024, 2:30 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability has been identified in COMOS V10.3 (All versions < V10.3.3.5.8), COMOS V10.4.0 (All versions), COMOS V10.4.1 (All versions), COMOS V10.4.2 (All versions), COMOS V10.4.3 (All versions < V10.4.3.0.47), COMOS V10.4.4 (All versions < V10.4.4.2), COMOS V10.4.4.1 (All versions < V10.4.4.1.21). The PDMS/E3D Engineering Interface improperly handles XML External Entity (XXE) entries when communicating with an external application. This could allow an attacker to extract any file with a known location on the user's system or accessible network folders by injecting malicious data into the communication channel between the two systems. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T16:38:08.000000Z"}