7.8
CVE-2023-49129
- EPSS 0.15%
- Published 09.01.2024 10:15:18
- Last modified 21.11.2024 08:32:53
- Source productcert@siemens.com
- Teams watchlist Login
- Open Login
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
Data is provided by the National Vulnerability Database (NVD)
Siemens ≫ Solid Edge Se2023 Version < 223.0
Siemens ≫ Solid Edge Se2023 Version223.0 Update-
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0001
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0002
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0003
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0004
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0005
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0006
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0007
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0008
Siemens ≫ Solid Edge Se2023 Version223.0 Updateupdate_0009
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.362 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| productcert@siemens.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.