CVE-2023-38531

Name of the Vulnerable Software and Affected Versions Parasolid versions prior to V34.1.258 Parasolid versions prior to V35.0.254 Parasolid versions prior to V35.1.184 Teamcenter Visualization version V14.1 Teamcenter Visualization versions prior to V14.2.0.12 Teamcenter Visualization versions prior to V14.3.0.9 Teamcenter Visualization versions prior to V2312.0004

Description The issue is related to an out of bounds read past the end of an allocated structure while parsing specially crafted X T files. This could allow an attacker to execute code in the context of the current process. The vulnerability is associated with a buffer read beyond the memory buffer boundaries, which can be exploited by an attacker using a specially crafted X T file to execute arbitrary code.

Recommendations For Parasolid versions prior to V34.1.258, update to version V34.1.258 or later. For Parasolid versions prior to V35.0.254, update to version V35.0.254 or later. For Parasolid versions prior to V35.1.184, update to version V35.1.184 or later. For Teamcenter Visualization version V14.1, consider upgrading to a later version with the fix. For Teamcenter Visualization versions prior to V14.2.0.12, update to version V14.2.0.12 or later. For Teamcenter Visualization versions prior to V14.3.0.9, update to version V14.3.0.9 or later. For Teamcenter Visualization versions prior to V2312.0004, update to version V2312.0004 or later. As a temporary workaround, consider restricting the use of specially crafted X T files until a patch is available.