CVE-2014-100014

Name of the Vulnerable Software and Affected Versions SolidWorks Workgroup PDM version 2014 SP2

Description The issue is related to multiple stack-based buffer overflows in the pdmwService.exe component. This can be exploited by remote attackers who send a long string in specific opcodes to port 3000, potentially allowing them to execute arbitrary code. The opcodes in question are 2001, 2002, and 2003.

Recommendations For SolidWorks Workgroup PDM version 2014 SP2, consider restricting access to port 3000 to minimize the risk of exploitation. As a temporary workaround, limiting the length of strings accepted by the pdmwService.exe component for opcodes 2001, 2002, and 2003 could help mitigate the issue until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.