CVE-2023-30985

Name of the Vulnerable Software and Affected Versions Solid Edge SE2023 versions prior to V223.0 Update 3

Description A vulnerability has been identified that could allow an attacker to disclose sensitive information due to an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file.

Recommendations For Solid Edge SE2023 versions prior to V223.0 Update 3, update to V223.0 Update 3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted OBJ files until a patch is applied. Restrict access to the OBJ file parsing functionality to minimize the risk of exploitation.