VDB

CVE-2021-37176

CVE-2021-37176 PUBLISHED CVSS 3.299999952316284 LOW

A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). The femap.exe application lacks proper validation of user-supplied data when parsing modfem files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14260)

EPSS 0.17% · 37.5th percentile

Risk Scores

CVSS v3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
0.17%
37.5th percentile

Affected Products

VendorProductVersions
SiemensSimcenter Femap V2021.1All versions
siemenssimcenter_femap2020.2, 2021.1
SiemensSimcenter Femap V2020.2*

Timeline

  • Sep 14, 2021 CVE Published
  • Sep 15, 2021 EPSS Score
  • Nov 11, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Jan 8, 2022 EPSS Score
  • Mar 6, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 3, 2022 EPSS Score
  • Jun 29, 2022 EPSS Score
  • Aug 26, 2022 EPSS Score
  • Oct 23, 2022 EPSS Score
  • Dec 19, 2022 EPSS Score

References

…and 4 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›