CVE-2023-24566

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Solid Edge SE2022 versions prior to V222.0MP12 Solid Edge SE2023 versions prior to V223.0Update2

Description A stack-based buffer overflow vulnerability has been identified in the affected application while parsing specially crafted PAR files. This issue could allow an attacker to execute code in the context of the current process.

Recommendations For Solid Edge SE2022 versions prior to V222.0MP12, update to version V222.0MP12 or later. For Solid Edge SE2023 versions prior to V223.0Update2, update to version V223.0Update2 or later. As a temporary workaround, consider avoiding the use of specially crafted PAR files until a patch is available.

Fix

Stack Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-787

Related Identifiers

BDU:2023-07498

CVE-2023-24566

ZDI-23-182

Affected Products

Solid Edge

CVE-2023-24566

Weakness Enumeration

Related Identifiers

Affected Products

References · 6