COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, preservation and distribution of information throughout the plant lifecycle. An access control error vulnerability exists in Siemens COMOS, which could be exploited by an attacker to directly query the database to access information to which a user does not have access rights.