CVE-2024-23796

Name of the Vulnerable Software and Affected Versions Tecnomatix Plant Simulation versions prior to V2201.0012 Tecnomatix Plant Simulation versions prior to V2302.0006

Description A heap-based buffer overflow vulnerability has been identified in the affected application while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. The vulnerability is related to a buffer overflow in dynamic memory, which can be exploited by an attacker using a specially crafted WRL file to execute arbitrary code.

Recommendations For versions prior to V2201.0012, update to version V2201.0012 or later to resolve the issue. For versions prior to V2302.0006, update to version V2302.0006 or later to resolve the issue. As a temporary workaround, consider restricting the use of WRL files in the affected application until a patch is available. Avoid using the affected WRL file parsing functionality until the issue is resolved.