CVE-2023-27402

Name of the Vulnerable Software and Affected Versions Tecnomatix Plant Simulation versions prior to V2201.0006

Description The issue is related to an out of bounds read in the memory, which can be triggered by parsing specially crafted SPP files. This could allow an attacker to execute arbitrary code in the context of the current process. The vulnerability is exploited through the SPP file, which is used by the Tecnomatix Plant Simulation software.

Recommendations For versions prior to V2201.0006, update to version V2201.0006 or later to resolve the issue. As a temporary workaround, consider restricting the use of specially crafted SPP files to minimize the risk of exploitation. Avoid using untrusted SPP files until the issue is resolved.