Vulnerabilites related to Siemens - Parasolid V34.1
cve-2022-43397
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17854)
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.0 |
Version: All versions < V34.0.252 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:32:57.387Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Simcenter Femap", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2023.1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17854)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-15T09:24:50.974Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-43397", datePublished: "2022-11-08T00:00:00", dateReserved: "2022-10-18T00:00:00", dateUpdated: "2024-08-03T13:32:57.387Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39141
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.617Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:57", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39141", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39141", datePublished: "2022-09-13T09:40:57", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.617Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46349
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19384)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:31:45.951Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V222.0MP12", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2023", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V223.0Update2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19384)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-14T09:31:14.921Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-46349", datePublished: "2022-12-13T00:00:00", dateReserved: "2022-11-30T00:00:00", dateUpdated: "2024-08-03T14:31:45.951Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39152
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.670Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:07", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39152", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39152", datePublished: "2022-09-13T09:41:07", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.670Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38526
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2025-02-27 21:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:56.282Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38526", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:17.639474Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:09:58.842Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.171", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "V14.1.0.11", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:32.703Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38526", datePublished: "2023-08-08T09:20:35.106Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2025-02-27T21:09:58.842Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39148
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.633Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:03", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39148", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39148", datePublished: "2022-09-13T09:41:04", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.633Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38531
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2024-08-13 07:50
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:55.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.184", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.12", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.9", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V2312", vendor: "Siemens", versions: [ { lessThan: "V2312.0004", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:39.222Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38531", datePublished: "2023-08-08T09:20:40.773Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2024-08-13T07:50:39.222Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39154
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:08", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39154", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39154", datePublished: "2022-09-13T09:41:09", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39138
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.638Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:55", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39138", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39138", datePublished: "2022-09-13T09:40:55", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.638Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39142
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.643Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:58", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39142", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39142", datePublished: "2022-09-13T09:40:58", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39146
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.555Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "CWE-824: Access of Uninitialized Pointer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:02", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39146", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-824: Access of Uninitialized Pointer", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39146", datePublished: "2022-09-13T09:41:02", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.555Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39147
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.568Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "CWE-824: Access of Uninitialized Pointer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:03", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-824: Access of Uninitialized Pointer", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39147", datePublished: "2022-09-13T09:41:03", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.568Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39144
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39144", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39144", datePublished: "2022-09-13T09:41:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.635Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46348
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:31:46.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V222.0MP12", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2023", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V223.0Update2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-14T09:31:13.727Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-46348", datePublished: "2022-12-13T00:00:00", dateReserved: "2022-11-30T00:00:00", dateUpdated: "2024-08-03T14:31:46.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39156
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.600Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:10", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39156", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39156", datePublished: "2022-09-13T09:41:10", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.600Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47936
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 20:07
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | JT Open |
Version: All versions < V11.2.3.0 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:02:36.549Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47936", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-20T20:07:21.772715Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-20T20:07:30.206Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "JT Open", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.2.3.0", }, ], }, { defaultStatus: "unknown", product: "JT Utilities", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13.2.3.0", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.1.150", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121: Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-15T09:24:56.841Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-47936", datePublished: "2023-02-14T10:36:21.369Z", dateReserved: "2022-12-23T11:29:16.433Z", dateUpdated: "2025-03-20T20:07:30.206Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39155
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.610Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:09", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39155", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39155", datePublished: "2022-09-13T09:41:09", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.610Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-41032
Vulnerability from cvelistv5
Published
2023-09-12 09:32
Modified
2025-02-27 20:55
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21263)
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: All versions < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T18:46:11.388Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-190839.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-887122.pdf", }, { tags: [ "x_transferred", ], url: "https://www.bentley.com/advisories/be-2023-0004/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-41032", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:51:46.356843Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T20:55:11.015Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.258", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.253", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.1.184", }, ], }, { defaultStatus: "unknown", product: "Parasolid V36.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V36.0.142", }, ], }, { defaultStatus: "unknown", product: "Simcenter Femap V2301", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2301.0003", }, ], }, { defaultStatus: "unknown", product: "Simcenter Femap V2306", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2306.0001", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21263)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-02T05:09:28.222Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-190839.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-887122.pdf", }, { url: "https://www.bentley.com/advisories/be-2023-0004/", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-41032", datePublished: "2023-09-12T09:32:33.893Z", dateReserved: "2023-08-22T15:41:08.129Z", dateUpdated: "2025-02-27T20:55:11.015Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38528
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2024-10-15 18:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:56.390Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38528", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:15:47.058198Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T18:33:06.845Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.197", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.184", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "V14.1.0.11", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:35.245Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38528", datePublished: "2023-08-08T09:20:37.393Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2024-10-15T18:33:06.845Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39139
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.550Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:55", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39139", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39139", datePublished: "2022-09-13T09:40:56", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.550Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30795
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2024-10-11 22:16
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243), Parasolid V35.0 (All versions < V35.0.177), Parasolid V35.1 (All versions < V35.1.073). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | JT Open |
Version: All versions < V11.4 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.439Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30795", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T22:16:06.900938Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T22:16:31.109Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "JT Open", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.4", }, ], }, { defaultStatus: "unknown", product: "JT Utilities", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13.4", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.253", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.243", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.177", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.1.073", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243), Parasolid V35.0 (All versions < V35.0.177), Parasolid V35.1 (All versions < V35.1.073). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:19.964Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-30795", datePublished: "2023-08-08T09:20:19.964Z", dateReserved: "2023-04-18T09:19:57.943Z", dateUpdated: "2024-10-11T22:16:31.109Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39157
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.0 (All versions >= V34.0.252 < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V34.1 (All versions >= V34.1.242 < V34.1.244), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.0 (All versions >= V35.0.170 < V35.0.184), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17745)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.0 |
Version: All versions < V34.0.252 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V34.0.252 < V34.0.254", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V34.1.242 < V34.1.244", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.170 < V35.0.184", }, ], }, { defaultStatus: "unknown", product: "Simcenter Femap", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2023.1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.0 (All versions >= V34.0.252 < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V34.1 (All versions >= V34.1.242 < V34.1.244), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.0 (All versions >= V35.0.170 < V35.0.184), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17745)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-15T09:24:49.998Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39157", datePublished: "2022-11-08T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39137
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:54", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39137", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39137", datePublished: "2022-09-13T09:40:54", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.392Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38527
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2025-02-27 21:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:55.719Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38527", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:16.187763Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:09:53.107Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.12", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.9", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V2312", vendor: "Siemens", versions: [ { lessThan: "V2312.0004", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:33.956Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38527", datePublished: "2023-08-08T09:20:36.244Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2025-02-27T21:09:53.107Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34465
Vulnerability from cvelistv5
Published
2022-07-12 10:07
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.156Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.250", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.233", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:48", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-34465", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.264", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.250", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.233", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-34465", datePublished: "2022-07-12T10:07:20", dateReserved: "2022-06-24T00:00:00", dateUpdated: "2024-08-03T09:15:15.156Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38532
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2024-11-25 21:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:55.753Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38532", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T21:18:19.531895Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-25T21:18:29.388Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.171", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "V14.1.0.11", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition.", }, ], metrics: [ { cvssV3_1: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770: Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:40.643Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38532", datePublished: "2023-08-08T09:20:41.916Z", dateReserved: "2023-07-19T09:55:44.211Z", dateUpdated: "2024-11-25T21:18:29.388Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39143
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.623Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:59", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39143", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39143", datePublished: "2022-09-13T09:40:59", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.623Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38529
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2025-02-27 21:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:56.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38529", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:14.166450Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:09:47.625Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.184", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.12", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.9", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V2312", vendor: "Siemens", versions: [ { lessThan: "V2312.0004", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:36.555Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38529", datePublished: "2023-08-08T09:20:38.540Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2025-02-27T21:09:47.625Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39153
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.564Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:08", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39153", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39153", datePublished: "2022-09-13T09:41:08", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.564Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25140
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 18:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150), Solid Edge SE2022 (All versions < V222.0MP12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.0 |
Version: All versions < V34.0.254 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:18:35.846Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-25140", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T18:53:27.859268Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-19T18:53:35.636Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.254", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.1.150", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V222.0MP12", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150), Solid Edge SE2022 (All versions < V222.0MP12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-14T09:31:55.102Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-25140", datePublished: "2023-02-14T10:37:08.574Z", dateReserved: "2023-02-03T08:06:30.685Z", dateUpdated: "2025-03-19T18:53:35.636Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39140
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.571Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:56", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39140", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39140", datePublished: "2022-09-13T09:40:56", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.571Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38525
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2025-02-27 21:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:56.430Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38525", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:18.935410Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:10:04.475Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.171", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "V14.1.0.11", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:31.439Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38525", datePublished: "2023-08-08T09:20:33.970Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2025-02-27T21:10:04.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46347
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:31:45.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V222.0MP12", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2023", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V223.0Update2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-14T09:31:12.594Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-46347", datePublished: "2022-12-13T00:00:00", dateReserved: "2022-11-30T00:00:00", dateUpdated: "2024-08-03T14:31:45.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39149
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:04", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39149", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39149", datePublished: "2022-09-13T09:41:04", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38524
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2025-02-27 21:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:55.704Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38524", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:50:57.876152Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:10:10.639Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.171", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "V14.1.0.11", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 2, baseSeverity: "LOW", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:30.129Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38524", datePublished: "2023-08-08T09:20:32.849Z", dateReserved: "2023-07-19T09:55:44.209Z", dateUpdated: "2025-02-27T21:10:10.639Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39151
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.622Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:06", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39151", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39151", datePublished: "2022-09-13T09:41:06", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.622Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39145
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:01", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39145", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39145", datePublished: "2022-09-13T09:41:01", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.614Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38530
Vulnerability from cvelistv5
Published
2023-08-08 09:20
Modified
2025-02-27 21:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V34.1 |
Version: 0 < V34.1.258 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:55.952Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-38530", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:07.859657Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:09:41.320Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { lessThan: "V34.1.258", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { lessThan: "V35.0.254", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.1", vendor: "Siemens", versions: [ { lessThan: "V35.1.171", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.1", vendor: "Siemens", versions: [ { lessThan: "V14.1.0.11", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.2", vendor: "Siemens", versions: [ { lessThan: "V14.2.0.6", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Teamcenter Visualization V14.3", vendor: "Siemens", versions: [ { lessThan: "V14.3.0.3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T07:50:37.879Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-407785.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-38530", datePublished: "2023-08-08T09:20:39.660Z", dateReserved: "2023-07-19T09:55:44.210Z", dateUpdated: "2025-02-27T21:09:41.320Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39150
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:05", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39150", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39150", datePublished: "2022-09-13T09:41:05", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46345
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:siemens:parasolid:33.1:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "parasolid", vendor: "siemens", versions: [ { lessThan: "33.1.264", status: "affected", version: "33.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:solid_edge:se2022:-:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "solid_edge", vendor: "siemens", versions: [ { lessThan: "v223.0", status: "affected", version: "se2022", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:parasolid:34.1:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "parasolid", vendor: "siemens", versions: [ { lessThan: "34.1.242", status: "affected", version: "34.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:parasolid:35.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "parasolid", vendor: "siemens", versions: [ { lessThan: "35.0.170", status: "affected", version: "35.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:parasolid:34.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "parasolid", vendor: "siemens", versions: [ { lessThan: "34.0.252", status: "affected", version: "34.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-46345", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-14T13:00:20.745055Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-05T19:22:59.367Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T14:31:46.241Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V222.0MP12", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2023", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V223.0Update2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-14T09:31:10.275Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-46345", datePublished: "2022-12-13T00:00:00", dateReserved: "2022-11-30T00:00:00", dateUpdated: "2024-08-03T14:31:46.241Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46346
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:31:45.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { defaultStatus: "unknown", product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { defaultStatus: "unknown", product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.170", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V222.0MP12", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2022", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Solid Edge SE2023", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V223.0Update2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-14T09:31:11.475Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-46346", datePublished: "2022-12-13T00:00:00", dateReserved: "2022-11-30T00:00:00", dateUpdated: "2024-08-03T14:31:45.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }