CVE-2021-25665 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-25665 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2021.2.1). The starview+.exe application lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13700)

EPSS 0.41% · 60.8th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.41%

60.8th percentile

Affected Products

Vendor	Product	Versions
Siemens	Simcenter STAR-CCM+ Viewer	All versions < V2021.2.1
siemens	simcenter_star-ccm\+	0

Timeline

Apr 13, 2021 CVE Published
Sep 15, 2021 EPSS Score
Nov 11, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 7, 2022 EPSS Score
Mar 5, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jun 26, 2022 EPSS Score
Aug 23, 2022 EPSS Score
Oct 19, 2022 EPSS Score
Dec 15, 2022 EPSS Score

References

…and 4 more

Open in Interactive Console →