CVE-2022-27653

Name of the Vulnerable Software and Affected Versions Simcenter Femap versions prior to V2022.2

Description A vulnerability has been identified in Simcenter Femap that could allow an attacker to execute code in the context of the current process. The issue is related to an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This can be exploited by creating and opening a specially crafted .NEU file, potentially allowing an attacker to execute arbitrary code.

Recommendations For versions prior to V2022.2, update to version V2022.2 or later to resolve the issue. As a temporary workaround, consider restricting the opening of .NEU files from untrusted sources to minimize the risk of exploitation. Avoid using the application to parse specially crafted .NEU files until the issue is resolved.