PT-2022-16783 · Siemens · Simcenter Star-Ccm+ Viewer

Published

2022-03-08

Updated

2022-03-11

CVE-2022-24661

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Simcenter STAR-CCM+ Viewer versions prior to V2022.1

Description A memory corruption issue has been identified in the starview+.exe component while parsing specially crafted .SCE files. This could allow an attacker to execute code in the context of the current process.

Recommendations For versions prior to V2022.1, update to version V2022.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted .SCE files with the starview+.exe component until a patch is applied.

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

CVE-2022-24661

Affected Products

Simcenter Star-Ccm+ Viewer

PT-2022-16783 · Siemens · Simcenter Star-Ccm+ Viewer

CVE-2022-24661

Weakness Enumeration

Related Identifiers

Affected Products

References · 3