PT-2023-6670 · Siemens · Solid Edge Se2023+1
Published
2023-02-14
·
Updated
2023-03-14
·
CVE-2023-24558
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Solid Edge SE2022 versions prior to V222.0MP12
Solid Edge SE2023 versions prior to V223.0Update2
Description
A vulnerability has been identified that allows an attacker to execute code in the context of the current process by exploiting an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files.
Recommendations
For Solid Edge SE2022 versions prior to V222.0MP12, update to version V222.0MP12 or later.
For Solid Edge SE2023 versions prior to V223.0Update2, update to version V223.0Update2 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Solid Edge Se2022
Solid Edge Se2023