CVE-2024-24923

Name of the Vulnerable Software and Affected Versions Simcenter Femap versions prior to V2401.0000 Simcenter Femap versions prior to V2306.0001

Description A vulnerability has been identified in Simcenter Femap that is related to an out of bounds read past the end of an allocated structure while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. The vulnerability is associated with a buffer read beyond the memory boundaries.

Recommendations For Simcenter Femap versions prior to V2401.0000, update to version V2401.0000 or later. For Simcenter Femap versions prior to V2306.0001, update to version V2306.0001 or later. As a temporary workaround, consider avoiding the use of specially crafted Catia MODEL files until a patch is available. Restrict access to the Catia MODEL file parsing functionality to minimize the risk of exploitation.