CVE-2023-49122

Name of the Vulnerable Software and Affected Versions Solid Edge SE2023 versions prior to V223.0 Update 10

Description The issue is related to a heap-based buffer overflow in memory when parsing specially crafted PAR files. This could allow an attacker to execute arbitrary code in the context of the current process. The vulnerability can be exploited by using specially formed files.

Recommendations For Solid Edge SE2023 versions prior to V223.0 Update 10, update to V223.0 Update 10 or later to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted PAR files until a patch is applied. Restrict access to the vulnerable parsing functionality to minimize the risk of exploitation.