Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-37203 (GCVE-0-2021-37203)
Vulnerability from cvelistv5 – Published: 2021-09-14 10:47 – Updated: 2024-08-04 01:16
VLAI
EPSS
Summary
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations.
Severity
7.1 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | NX 1980 Series |
Affected:
All versions < V1984
|
|
| Siemens | Solid Edge SE2021 |
Affected:
All versions < SE2021MP8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NX 1980 Series",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1984"
}
]
},
{
"product": "Solid Edge SE2021",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c SE2021MP8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in NX 1980 Series (All versions \u003c V1984), Solid Edge SE2021 (All versions \u003c SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-28T11:12:26.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-37203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NX 1980 Series",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1984"
}
]
}
},
{
"product_name": "Solid Edge SE2021",
"version": {
"version_data": [
{
"version_value": "All versions \u003c SE2021MP8"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in NX 1980 Series (All versions \u003c V1984), Solid Edge SE2021 (All versions \u003c SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-37203",
"datePublished": "2021-09-14T10:47:56.000Z",
"dateReserved": "2021-07-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:03.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-37203",
"date": "2026-06-02",
"epss": "0.00189",
"percentile": "0.40487"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:nx_1980:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1984\", \"matchCriteriaId\": \"D3A09766-0171-4DDA-9BF9-D379DA134571\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"se2021\", \"matchCriteriaId\": \"576A303A-66CA-4694-AA54-9EB0137C24F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"39D237BD-EE55-4B40-ABC3-194C4BF7C6CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1:*:*:*:*:*:*\", \"matchCriteriaId\": \"49F5649A-349C-42C6-AFFF-CEE1ABC14E67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack2:*:*:*:*:*:*\", \"matchCriteriaId\": \"756343AA-DB57-40F7-94FA-84BFCDEB6159\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack3:*:*:*:*:*:*\", \"matchCriteriaId\": \"36B0DD28-653E-4069-AB5A-38F8EFEB36CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack4:*:*:*:*:*:*\", \"matchCriteriaId\": \"82090774-D894-41C8-82F1-A48A8707E9BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack5:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD346D22-9B5D-4A50-94E2-1F5C8D391EC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack6:*:*:*:*:*:*\", \"matchCriteriaId\": \"1466AEE0-4A5C-4E2D-80B8-43680F60FC31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack7:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4173D09-C317-45FF-ABA4-39E5592862F8\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in NX 1980 Series (All versions \u003c V1984), Solid Edge SE2021 (All versions \u003c SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en NX 1980 Series (Todas las versiones anteriores a V1984), Solid Edge SE2021 (Todas las versiones anteriores a SE2021MP8). El archivo plmxmlAdapterIFC.dll contiene una lectura fuera de l\\u00edmites al analizar los archivos IFC suministrados por el usuario, lo que podr\\u00eda dar lugar a una lectura m\\u00e1s all\\u00e1 del final de un b\\u00fafer asignado. Esto podr\\u00eda permitir a un atacante causar una condici\\u00f3n de denegaci\\u00f3n de servicio o leer informaci\\u00f3n sensible de ubicaciones de memoria\"}]",
"id": "CVE-2021-37203",
"lastModified": "2024-11-21T06:14:51.227",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:P\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2021-09-14T11:15:26.473",
"references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-37203\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2021-09-14T11:15:26.473\",\"lastModified\":\"2024-11-21T06:14:51.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in NX 1980 Series (All versions \u003c V1984), Solid Edge SE2021 (All versions \u003c SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en NX 1980 Series (Todas las versiones anteriores a V1984), Solid Edge SE2021 (Todas las versiones anteriores a SE2021MP8). El archivo plmxmlAdapterIFC.dll contiene una lectura fuera de l\u00edmites al analizar los archivos IFC suministrados por el usuario, lo que podr\u00eda dar lugar a una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Esto podr\u00eda permitir a un atacante causar una condici\u00f3n de denegaci\u00f3n de servicio o leer informaci\u00f3n sensible de ubicaciones de memoria\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:nx_1980:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1984\",\"matchCriteriaId\":\"D3A09766-0171-4DDA-9BF9-D379DA134571\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"se2021\",\"matchCriteriaId\":\"576A303A-66CA-4694-AA54-9EB0137C24F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"39D237BD-EE55-4B40-ABC3-194C4BF7C6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1:*:*:*:*:*:*\",\"matchCriteriaId\":\"49F5649A-349C-42C6-AFFF-CEE1ABC14E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack2:*:*:*:*:*:*\",\"matchCriteriaId\":\"756343AA-DB57-40F7-94FA-84BFCDEB6159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack3:*:*:*:*:*:*\",\"matchCriteriaId\":\"36B0DD28-653E-4069-AB5A-38F8EFEB36CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack4:*:*:*:*:*:*\",\"matchCriteriaId\":\"82090774-D894-41C8-82F1-A48A8707E9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD346D22-9B5D-4A50-94E2-1F5C8D391EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1466AEE0-4A5C-4E2D-80B8-43680F60FC31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack7:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4173D09-C317-45FF-ABA4-39E5592862F8\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
ICSA-21-287-06
Vulnerability from csaf_cisa - Published: 2021-09-28 00:00 - Updated: 2025-05-06 06:00Summary
Siemens Solid Edge
Notes
Summary: Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats.
If a user is tricked to opening a malicious file using the affected application this could lead the application to crash, or potentially arbitrary code execution on the target host system.
Siemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer: This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors: Multiple
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-824
- Access of Uninitialized Pointer
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
<SE2021MP8 |
Vendor Fix
Mitigation
|
References
21 references
Acknowledgments
Siemens ProductCERT
xina1i
Trend Micro Zero Day Initiative
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting this vulnerability to CISA."
},
{
"names": [
"xina1i"
],
"summary": "reporting vulnerabilities CVE-2021-37202 and CVE-2021-37203"
},
{
"organization": "Trend Micro Zero Day Initiative",
"summary": "coordinated disclosure of CVE-2021-41533 through CVE-2021-41540"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"notes": [
{
"category": "summary",
"text": "Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats.\n\nIf a user is tricked to opening a malicious file using the affected application this could lead the application to crash, or potentially arbitrary code execution on the target host system.\n\nSiemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-728618.json"
},
{
"category": "self",
"summary": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-728618.txt"
},
{
"category": "self",
"summary": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-287-06 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-287-06.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-287-06 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-06"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens Solid Edge",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-287-06",
"initial_release_date": "2021-09-28T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-09-28T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "2",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cSE2021MP8",
"product": {
"name": "Solid Edge SE2021",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2021"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37202",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The IFC adapter in affected application contains a use-after-free vulnerability that could be triggered while parsing user-supplied IFC files. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-37202 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-37202.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-37202"
},
{
"cve": "CVE-2021-37203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-37203 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-37203.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-37203"
},
{
"cve": "CVE-2021-41533",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files.\n\nAn attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13565).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41533 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41533.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41533"
},
{
"cve": "CVE-2021-41534",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files.\n\nAn attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41534 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41534.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41534"
},
{
"cve": "CVE-2021-41535",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41535 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41535.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41535"
},
{
"cve": "CVE-2021-41536",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13778).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41536 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41536.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41536"
},
{
"cve": "CVE-2021-41537",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13789).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41537 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41537.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41537"
},
{
"cve": "CVE-2021-41538",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files.\n\nAn attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41538 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41538.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41538"
},
{
"cve": "CVE-2021-41539",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41539 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41539.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41539"
},
{
"cve": "CVE-2021-41540",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13776).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2021-41540 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41540.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-41540"
}
]
}
SSA-208530
Vulnerability from csaf_siemens - Published: 2021-09-14 00:00 - Updated: 2021-09-14 00:00Summary
SSA-208530: File parsing vulnerabilities in IFC adapter in NX
Notes
Summary: Siemens NX is affected by two vulnerabilities that could be triggered when the application reads ifc files. If a user is tricked to open a malicious file with the affected application, this could lead to an access violation, and potentially also to arbitrary code execution on the target host system.
Siemens has released updates for NX and recommends to update to the latest version to fix the vulnerabilities. Siemens recommends to avoid opening of untrusted files from unknown sources.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
NX 1980 Series
Siemens / NX 1980 Series
|
< V1984 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
NX 1980 Series
Siemens / NX 1980 Series
|
< V1984 |
Vendor Fix
Mitigation
|
References
Acknowledgments
xina1i
{
"document": {
"acknowledgments": [
{
"names": [
"xina1i"
],
"summary": "reporting the vulnerabilities"
}
],
"category": "Siemens Security Advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited.",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Siemens NX is affected by two vulnerabilities that could be triggered when the application reads ifc files. If a user is tricked to open a malicious file with the affected application, this could lead to an access violation, and potentially also to arbitrary code execution on the target host system.\n\nSiemens has released updates for NX and recommends to update to the latest version to fix the vulnerabilities. Siemens recommends to avoid opening of untrusted files from unknown sources.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-208530: File parsing vulnerabilities in IFC adapter in NX - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf"
},
{
"category": "self",
"summary": "SSA-208530: File parsing vulnerabilities in IFC adapter in NX - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-208530.txt"
},
{
"category": "self",
"summary": "SSA-208530: File parsing vulnerabilities in IFC adapter in NX - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-208530.json"
}
],
"title": "SSA-208530: File parsing vulnerabilities in IFC adapter in NX",
"tracking": {
"current_release_date": "2021-09-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-208530",
"initial_release_date": "2021-09-14T00:00:00Z",
"revision_history": [
{
"date": "2021-09-14T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V1984",
"product": {
"name": "NX 1980 Series",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "NX 1980 Series"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37202",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The IFC adapter in affected application contains a use-after-free vulnerability that could be triggered while parsing user-supplied IFC files. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-37202 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-37202.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1984 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in NX",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-37202"
},
{
"cve": "CVE-2021-37203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-37203 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-37203.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1984 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in NX",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-37203"
}
]
}
SSA-728618
Vulnerability from csaf_siemens - Published: 2021-09-28 00:00 - Updated: 2021-09-28 00:00Summary
SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8
Notes
Summary: Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats.
If a user is tricked to opening a malicious file using the affected application this could lead the application to crash, or potentially arbitrary code execution on the target host system.
Siemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-125
- Out-of-bounds Read
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-824
- Access of Uninitialized Pointer
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
CWE-416
- Use After Free
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Solid Edge SE2021
Siemens / Solid Edge SE2021
|
< SE2021MP8 |
Vendor Fix
Mitigation
|
References
13 references
Acknowledgments
xina1i
Trend Micro Zero Day Initiative
{
"document": {
"acknowledgments": [
{
"names": [
"xina1i"
],
"summary": "reporting vulnerabilities CVE-2021-37202 and CVE-2021-37203"
},
{
"organization": "Trend Micro Zero Day Initiative",
"summary": "coordinated disclosure of CVE-2021-41533 through CVE-2021-41540"
}
],
"category": "Siemens Security Advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited.",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats.\n\nIf a user is tricked to opening a malicious file using the affected application this could lead the application to crash, or potentially arbitrary code execution on the target host system.\n\nSiemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf"
},
{
"category": "self",
"summary": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-728618.txt"
},
{
"category": "self",
"summary": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-728618.json"
}
],
"title": "SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8",
"tracking": {
"current_release_date": "2021-09-28T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-728618",
"initial_release_date": "2021-09-28T00:00:00Z",
"revision_history": [
{
"date": "2021-09-28T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c SE2021MP8",
"product": {
"name": "Solid Edge SE2021",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "Solid Edge SE2021"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37202",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The IFC adapter in affected application contains a use-after-free vulnerability that could be triggered while parsing user-supplied IFC files. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-37202 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-37202.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-37202"
},
{
"cve": "CVE-2021-37203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-37203 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-37203.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-37203"
},
{
"cve": "CVE-2021-41533",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files.\n\nAn attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13565).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41533 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41533.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41533"
},
{
"cve": "CVE-2021-41534",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files.\n\nAn attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41534 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41534.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41534"
},
{
"cve": "CVE-2021-41535",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41535 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41535.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41535"
},
{
"cve": "CVE-2021-41536",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13778).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41536 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41536.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41536"
},
{
"cve": "CVE-2021-41537",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13789).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41537 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41537.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41537"
},
{
"cve": "CVE-2021-41538",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files.\n\nAn attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41538 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41538.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41538"
},
{
"cve": "CVE-2021-41539",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41539 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41539.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41539"
},
{
"cve": "CVE-2021-41540",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The affected application contains a use-after-free vulnerability while parsing OBJ files.\n\nAn attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13776).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41540 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41540.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to SE2021MP8 or later version",
"product_ids": [
"1"
]
},
{
"category": "mitigation",
"details": "Avoid opening files from unknown sources in Solid Edge",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41540"
}
]
}
VAR-202109-1825
Vulnerability from variot - Updated: 2022-05-04 07:23A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202109-1825",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solid edge",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "se2021"
},
{
"model": "solid edge",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "se2021"
},
{
"model": "nx 1980",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1984"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:nx_1980:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1984",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "se2021",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xina1i and Trend Micro\u2019s Zero Day Initiative reported these vulnerabilities to Siemens and CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
}
],
"trust": 0.6
},
"cve": "CVE-2021-37203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2021-37203",
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 1.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-37203",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-37203",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202109-937",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-37203",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
},
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in NX 1980 Series (All versions \u003c V1984), Solid Edge SE2021 (All versions \u003c SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated buffer. This could allow an attacker to cause a denial-of-service condition or read sensitive information from memory locations. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37203"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2021-37203"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SIEMENS",
"id": "SSA-728618",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-208530",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2021-37203",
"trust": 1.7
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-287-06",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-257-09",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021092905",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021091517",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3454",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202109-937",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-37203",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
},
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"id": "VAR-202109-1825",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.19128205
},
"last_update_date": "2022-05-04T07:23:12.491000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Siemens NX Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164124"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=332f5edc8b55cb21d1b9cbee1c6ab360"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=3b85ee03e935aff52e55e7402b3926a1"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-287-06"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021091517"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3454"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37203"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-257-09"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021092905"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-208530.txt"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
},
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
},
{
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-14T00:00:00",
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-937"
},
{
"date": "2021-09-14T11:15:00",
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-37203"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-10-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-937"
},
{
"date": "2021-11-18T16:08:00",
"db": "NVD",
"id": "CVE-2021-37203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-937"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pillow Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…