CVE-2023-27405

Name of the Vulnerable Software and Affected Versions Tecnomatix Plant Simulation versions prior to V2201.0006

Description The issue is related to an out of bounds read in the memory, which can be triggered by parsing specially crafted SPP files. This could allow an attacker to execute arbitrary code in the context of the current process. The vulnerability is associated with the reading of files, specifically the SPP file type, which can be exploited to achieve remote code execution.

Recommendations For versions prior to V2201.0006, update to version V2201.0006 or later to resolve the issue. As a temporary workaround, consider restricting the use of SPP files or avoiding the parsing of specially crafted SPP files until a patch is applied.