Siemens kas
CVE-2026-47192
LOW
Description
Impact
So far, kas checks out and processes repositories for configuration includes before validating the signatures of those repositories. Under very specific conditions, this may allow an original repository to be replaced with one under the control of an attacker.
First of all, the attacker must have gained control of a repository that a kas file of the victim is referencing. Furthermore, the following conditions must be fulfilled:
- the victim's kas configuration must include a configuration file from the attacked repository
- the repository state is referenced by tag, and no commit ID is specified (this triggers a warning, though)
- the key used for validating the tag or commit signature is stored as a file in a repository
- no fingerprint for the key is specified
- the _source_dir key must not be set by the victim when calling kas (e.g. by avoiding a local .config.yaml)
Given these conditions, the attacker could modify the included kas configuration in a way that the key used to validate the tag signature of the attacker's repository could be replaced by an attacker-chosen key.
No other exploit possibilities have been identified so far, but this does not rule out that those may exist.
Patches
The vulnerability was introduced with a2480fe59b6421eb96cf3bd86527ae6e412a331e; commit https://github.com/siemens/kas/commit/5b2114becfc154b16ef496d24f8c2191a2297f57 resolves this issue. A misuse of _source_dir is resolved by commit https://github.com/siemens/kas/commit/c443c0a1fd0f9bd6a689a44d95a252085fc6da88. Shadowing a commit by a branch of the same name is described in advisory https://github.com/siemens/kas/security/advisories/GHSA-qjwp-hrq6-r26r and is addressed by commit https://github.com/siemens/kas/commit/4cb4a3d01122ffaec9feaae768a5814092f6f9b5. All patches have been released along with kas version 5.3.
Workarounds
Pin the expected signature key via its fingerprint, even when storing it as a file in a repository.
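A configuration audit for the conditions listed under Impact and for the fingerprint workaround, as an added example that is not part of the advisory or of kas itself. The key names (signers, path, fingerprint, signed, allowed_signers, tag, commit) are assumptions about the kas configuration schema, and the sample configuration, URLs and placeholders are constructed.

```python
import json

# Constructed sample in kas' JSON configuration form. The key names used here
# are assumptions about the kas schema; they do not come from the advisory.
SAMPLE = json.loads("""
{
  "signers": {
    "vendor-key": {"type": "gpg", "repo": "meta-vendor", "path": "keys/vendor.asc"},
    "pinned-key": {"type": "gpg", "repo": "meta-vendor", "path": "keys/vendor.asc",
                   "fingerprint": "<EXPECTED-FINGERPRINT>"}
  },
  "repos": {
    "meta-vendor": {"url": "https://git.example.invalid/meta-vendor.git",
                    "tag": "v1.0", "signed": true, "allowed_signers": ["vendor-key"]},
    "meta-commit": {"url": "https://git.example.invalid/meta-commit.git",
                    "tag": "v2.0", "commit": "<COMMIT-ID>",
                    "signed": true, "allowed_signers": ["vendor-key"]},
    "meta-fpr":    {"url": "https://git.example.invalid/meta-fpr.git",
                    "tag": "v3.0", "signed": true, "allowed_signers": ["pinned-key"]}
  }
}
""")


def unpinned_file_signers(config):
    """Names of signers whose key is a file in a repository with no fingerprint pinned."""
    return {
        name
        for name, signer in (config.get("signers") or {}).items()
        if isinstance(signer, dict) and signer.get("path") and not signer.get("fingerprint")
    }


def exposed_repos(config):
    """Signed repos referenced by tag only that accept an unpinned file-based signer."""
    weak = unpinned_file_signers(config)
    exposed = []
    for name, repo in (config.get("repos") or {}).items():
        if not isinstance(repo, dict) or not repo.get("signed"):
            continue  # unsigned or default-valued entries are out of scope for this check
        tag_only = bool(repo.get("tag")) and not repo.get("commit")
        if tag_only and weak.intersection(repo.get("allowed_signers") or []):
            exposed.append(name)
    return sorted(exposed)


if __name__ == "__main__":
    print("signers without a pinned fingerprint:", sorted(unpinned_file_signers(SAMPLE)))
    print("repos matching the advisory's conditions:", exposed_repos(SAMPLE))
```

The check covers only the conditions visible in the configuration file; whether _source_dir is set at invocation time is outside its scope.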
Analysis
Late signature validation in Siemens kas (pip/kas >= 4.8, < 5.3) allows an attacker who has already compromised a referenced upstream repository to substitute the cryptographic key used to validate that repository's tag signatures, effectively bypassing integrity checks entirely. Because kas processes and applies configuration includes from external repositories before verifying their signatures, a malicious repository can redirect the signature-validation key to one under attacker control. …
Vulnerability Assessment
| Exploitation | Exploitation requires all five of the following conditions to be met simultaneously: (1) The attacker must have already obtained write access to a Git repository that the victim's kas configuration references as an include source - this is a hard prerequisite requiring prior supply-chain compromise. … |
| Risk Assessment | No CVSS vector or EPSS score is provided for this CVE, so severity cannot be formally graded; all risk signals must be inferred from the description and advisory data. … |
| Exploit Scenario | An attacker who has compromised an upstream Git repository referenced in a victim's kas build configuration modifies that repository's included kas configuration file to redirect the signature validation key path to an attacker-controlled key. Because kas checks out and parses this configuration before validating the tag signature, the substituted key is loaded, allowing the attacker's tag signatures to pass validation - effectively granting silent control over the build inputs. … |
| Remediation | The primary remediation is to upgrade to kas version 5.3, which includes all three patches: commit 5b2114b (late validation ordering fix), commit c443c0a (misuse of _source_dir), and commit 4cb4a3d (branch-shadowing commit disambiguation). … |
GHSA-4vqc-wpwg-vh7j