7.8
CVE-2024-54095
- EPSS 0.03%
- Published 10.12.2024 14:30:47
- Last modified 04.03.2025 18:19:12
- Source productcert@siemens.com
- Teams watchlist Login
- Open Login
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
Data is provided by the National Vulnerability Database (NVD)
Siemens ≫ Solid Edge Se2024 Version < 224.0
Siemens ≫ Solid Edge Se2024 Version224.0 Update-
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0001
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0002
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0003
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0004
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0005
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0006
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0007
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0008
Siemens ≫ Solid Edge Se2024 Version224.0 Updateupdate_0009
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.083 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| productcert@siemens.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| productcert@siemens.com | 7.3 | 0 | 0 |
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-191 Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.