VDB

CVE-2021-25678

CVE-2021-25678 PUBLISHED CVSS 6.800000190734863 MEDIUM

A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12529)

EPSS 0.38% · 59.7th percentile

Risk Scores

CVSS v2.0
6.800000190734863
EPSS Score
0.38%
59.7th percentile

Affected Products

VendorProductVersions
siemenssolid_edge_se20210
SiemensSolid Edge SE2020All versions < SE2020MP13, *
SiemensSolid Edge SE2021All Versions < SE2021MP4
siemenssolid_edge_se20200

Timeline

  • Apr 14, 2021 CVE Published
  • Apr 27, 2021 EPSS Score
  • Jun 30, 2021 EPSS Score
  • Aug 31, 2021 EPSS Score
  • Nov 2, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Mar 6, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 7, 2022 EPSS Score
  • Jul 8, 2022 EPSS Score
  • Sep 10, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›