A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/html/ssa-407785.html | |
https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
11 Jun 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
16 Feb 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:teamcenter_visualization:14.3:*:*:*:*:*:*:* |
14 Nov 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. |
11 Aug 2023, 20:51
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf - Patch, Vendor Advisory | |
First Time |
Siemens
Siemens parasolid Siemens teamcenter Visualization |
|
CWE | CWE-125 | |
CPE | cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:teamcenter_visualization:14.3:*:*:*:*:*:*:* cpe:2.3:a:siemens:teamcenter_visualization:14.1:*:*:*:*:*:*:* cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
08 Aug 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-08 10:15
Updated : 2024-06-11 12:15
NVD link : CVE-2023-38526
Mitre link : CVE-2023-38526
CVE.ORG link : CVE-2023-38526
JSON object : View
Products Affected
siemens
- teamcenter_visualization
- parasolid
CWE
CWE-125
Out-of-bounds Read