7.8
CVE-2023-39187
- EPSS 0.1%
- Veröffentlicht 08.08.2023 10:15:19
- Zuletzt bearbeitet 21.11.2024 08:14:52
- Quelle productcert@siemens.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Solid Edge Version < se2023
Siemens ≫ Solid Edge Versionse2023 Update-
Siemens ≫ Solid Edge Versionse2023 Updatemaintenance_pack1
Siemens ≫ Solid Edge Versionse2023 Updatemaintenance_pack2
Siemens ≫ Solid Edge Versionse2023 Updatemaintenance_pack3
Siemens ≫ Solid Edge Versionse2023 Updatemaintenance_pack4
Siemens ≫ Solid Edge Versionse2023 Updatemaintenance_pack5
Siemens ≫ Solid Edge Versionse2023 Updatemaintenance_pack6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.28 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| productcert@siemens.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.