7.8
CVE-2023-49123
- EPSS 0.15%
- Published 09.01.2024 10:15:17
- Last modified 21.11.2024 08:32:52
- Source productcert@siemens.com
- Teams watchlist Login
- Open Login
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
Data is provided by the National Vulnerability Database (NVD)
Siemens ≫ Solid Edge Se2023 Version < 223.0
Siemens ≫ Solid Edge Se2023 Version223.0 Update-
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0001
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0002
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0003
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0004
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0005
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0006
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0007
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0008
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0009
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.362 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| productcert@siemens.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.