PT-2024-9968 · Siemens · Teamcenter Visualization+1
Published
2024-10-08
·
Updated
2024-12-10
·
CVE-2024-45474
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Teamcenter Visualization versions prior to V14.2.0.14
Teamcenter Visualization versions prior to V14.3.0.12
Teamcenter Visualization V2312 versions prior to V2312.0008
Tecnomatix Plant Simulation V2302 versions prior to V2302.0016
Tecnomatix Plant Simulation V2404 versions prior to V2404.0005
Description:
The affected applications are vulnerable to memory corruption while parsing specially crafted WRL files, which could allow an attacker to execute code in the context of the current process. This issue is related to a buffer overflow in memory, potentially leading to a denial of service or arbitrary code execution.
Recommendations:
For Teamcenter Visualization versions prior to V14.2.0.14, update to version V14.2.0.14 or later.
For Teamcenter Visualization versions prior to V14.3.0.12, update to version V14.3.0.12 or later.
For Teamcenter Visualization V2312 versions prior to V2312.0008, update to version V2312.0008 or later.
For Tecnomatix Plant Simulation V2302 versions prior to V2302.0016, update to version V2302.0016 or later.
For Tecnomatix Plant Simulation V2404 versions prior to V2404.0005, update to version V2404.0005 or later.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Teamcenter Visualization
Tecnomatix Plant Simulation