PT-2024-9405 · Siemens · Solid Edge

Nafiez

Published

2024-12-10

Updated

2024-12-11

CVE-2024-54093

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Solid Edge SE2024 versions prior to V224.0 Update 5

Description: The issue is related to a heap-based buffer overflow in the dynamic memory when processing specially crafted ASM files. This could allow an attacker to execute code in the context of the current process.

Recommendations: For Solid Edge SE2024 versions prior to V224.0 Update 5, update to V224.0 Update 5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted ASM files until a patch is applied. Restrict access to the vulnerable application to minimize the risk of exploitation.

Fix

Memory Corruption

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122

Related Identifiers

BDU:2024-11098

CVE-2024-54093

Affected Products

Solid Edge

PT-2024-9405 · Siemens · Solid Edge

CVE-2024-54093

Weakness Enumeration

Related Identifiers

Affected Products

References · 10