VDB
CVE-2020-26997
CVE-2020-26997
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11919)
EPSS 0.45% · 64.1th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.45%
64.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | solid_edge_se2020 | 0 |
| Siemens | Solid Edge SE2021 | All Versions < SE2021MP4 |
| Siemens | Solid Edge SE2020 | All versions < SE2020MP13, * |
| siemens | solid_edge_se2021 | 0 |
Exploit Intelligence
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- CVE-2017-1000367 (github-poc)
- CVE-2017-1000367 (github-poc)
- CVE-2017-1000367 (github-poc)
- CVE-2017-1000367 (github-poc)
- own implementation of the CVE-2017-1000367 sudo privilege escalation vulnerability in python (github-poc)
- own implementation of the CVE-2017-1000367 sudo privilege escalation vulnerability in python (github-poc)
…and 12 more exploits
Timeline
- Apr 14, 2021 CVE Published
- Apr 27, 2021 EPSS Score
- Jun 30, 2021 EPSS Score
- Sep 1, 2021 EPSS Score
- Nov 2, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 6, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 8, 2022 EPSS Score
- Jul 9, 2022 EPSS Score
- Sep 10, 2022 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-163226.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-574442.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-103-06 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-26997 advisory