Vulnerabilites related to Siemens - Simcenter Femap V2022.1
CVE-2022-39137 (GCVE-0-2022-39137)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:54", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39137", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39137", datePublished: "2022-09-13T09:40:54", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.392Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39151 (GCVE-0-2022-39151)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.622Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:06", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39151", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39151", datePublished: "2022-09-13T09:41:06", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.622Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39148 (GCVE-0-2022-39148)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.633Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:03", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39148", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39148", datePublished: "2022-09-13T09:41:04", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.633Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39147 (GCVE-0-2022-39147)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.568Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "CWE-824: Access of Uninitialized Pointer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:03", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-824: Access of Uninitialized Pointer", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39147", datePublished: "2022-09-13T09:41:03", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.568Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39152 (GCVE-0-2022-39152)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.670Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:07", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39152", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39152", datePublished: "2022-09-13T09:41:07", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.670Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39150 (GCVE-0-2022-39150)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:05", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39150", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39150", datePublished: "2022-09-13T09:41:05", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39154 (GCVE-0-2022-39154)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:08", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39154", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39154", datePublished: "2022-09-13T09:41:09", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39145 (GCVE-0-2022-39145)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:01", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39145", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39145", datePublished: "2022-09-13T09:41:01", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.614Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39138 (GCVE-0-2022-39138)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.638Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:55", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39138", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39138", datePublished: "2022-09-13T09:40:55", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.638Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39155 (GCVE-0-2022-39155)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.610Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:09", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39155", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39155", datePublished: "2022-09-13T09:41:09", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.610Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-41851 (GCVE-0-2022-41851)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:56
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-16973)
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | JTTK |
Version: All versions < V11.1.1.0 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:56:38.099Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-611756.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "JTTK", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.1.1.0", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-16973)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "CWE-824: Access of Uninitialized Pointer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-11T00:00:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-611756.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-41851", datePublished: "2022-10-11T00:00:00", dateReserved: "2022-09-30T00:00:00", dateUpdated: "2024-08-03T12:56:38.099Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39144 (GCVE-0-2022-39144)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39144", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39144", datePublished: "2022-09-13T09:41:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.635Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39142 (GCVE-0-2022-39142)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.643Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:58", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39142", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39142", datePublished: "2022-09-13T09:40:58", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39141 (GCVE-0-2022-39141)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.617Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:57", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39141", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39141", datePublished: "2022-09-13T09:40:57", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.617Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39156 (GCVE-0-2022-39156)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.600Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:10", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39156", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39156", datePublished: "2022-09-13T09:41:10", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.600Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39149 (GCVE-0-2022-39149)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:04", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39149", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39149", datePublished: "2022-09-13T09:41:04", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39143 (GCVE-0-2022-39143)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.623Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:59", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39143", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39143", datePublished: "2022-09-13T09:40:59", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.623Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39139 (GCVE-0-2022-39139)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.550Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:55", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39139", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39139", datePublished: "2022-09-13T09:40:56", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.550Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-34465 (GCVE-0-2022-34465)
Vulnerability from cvelistv5
Published
2022-07-12 10:07
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:15.156Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.264", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.250", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.233", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:48", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-34465", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.264", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.250", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.233", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-34465", datePublished: "2022-07-12T10:07:20", dateReserved: "2022-06-24T00:00:00", dateUpdated: "2024-08-03T09:15:15.156Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39146 (GCVE-0-2022-39146)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.555Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "CWE-824: Access of Uninitialized Pointer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:02", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39146", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-824: Access of Uninitialized Pointer", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39146", datePublished: "2022-09-13T09:41:02", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.555Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39140 (GCVE-0-2022-39140)
Vulnerability from cvelistv5
Published
2022-09-13 09:40
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.571Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:40:56", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39140", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39140", datePublished: "2022-09-13T09:40:56", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.571Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-39153 (GCVE-0-2022-39153)
Vulnerability from cvelistv5
Published
2022-09-13 09:41
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Parasolid V33.1 |
Version: All versions < V33.1.262 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.564Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V33.1.262", }, ], }, { product: "Parasolid V33.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V33.1.262 < V33.1.263", }, ], }, { product: "Parasolid V34.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.0.252", }, ], }, { product: "Parasolid V34.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V34.1.242", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V35.0.161", }, ], }, { product: "Parasolid V35.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V35.0.161 < V35.0.164", }, ], }, { product: "Simcenter Femap V2022.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.1.3", }, ], }, { product: "Simcenter Femap V2022.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2022.2.2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T09:41:08", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2022-39153", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions < V33.1.262", }, ], }, }, { product_name: "Parasolid V33.1", version: { version_data: [ { version_value: "All versions >= V33.1.262 < V33.1.263", }, ], }, }, { product_name: "Parasolid V34.0", version: { version_data: [ { version_value: "All versions < V34.0.252", }, ], }, }, { product_name: "Parasolid V34.1", version: { version_data: [ { version_value: "All versions < V34.1.242", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions < V35.0.161", }, ], }, }, { product_name: "Parasolid V35.0", version: { version_data: [ { version_value: "All versions >= V35.0.161 < V35.0.164", }, ], }, }, { product_name: "Simcenter Femap V2022.1", version: { version_data: [ { version_value: "All versions < V2022.1.3", }, ], }, }, { product_name: "Simcenter Femap V2022.2", version: { version_data: [ { version_value: "All versions < V2022.2.2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125: Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-39153", datePublished: "2022-09-13T09:41:08", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.564Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }