7.8
CVE-2026-44411
- EPSS 0.11%
- Veröffentlicht 12.05.2026 08:21:19
- Zuletzt bearbeitet 29.06.2026 14:03:20
- Quelle productcert@siemens.com
- CVE-Watchlists
- Unerledigt
A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Solid Edge Se2026 Version < 226.0
Siemens ≫ Solid Edge Se2026 Version226.0 Update-
Siemens ≫ Solid Edge Se2026 Version226.0 Updateupdate_1
Siemens ≫ Solid Edge Se2026 Version226.0 Updateupdate_2
Siemens ≫ Solid Edge Se2026 Version226.0 Updateupdate_3
Siemens ≫ Solid Edge Se2026 Version226.0 Updateupdate_4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.013 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| productcert@siemens.com | 7.3 | 0 | 0 |
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| productcert@siemens.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-824 Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.
https://cert-portal.siemens.com/productcert/html/ssa-921111.html