VDB
CVE-2021-37180
CVE-2021-37180
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)
EPSS 0.38% · 59.7th percentile
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.38%
59.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | solid_edge_se2021_firmware | 0 |
| Siemens | Solid Edge SE2021 | All Versions < SE2021MP7 |
Timeline
- Aug 10, 2021 CVE Published
- Aug 11, 2021 EPSS Score
- Oct 9, 2021 EPSS Score
- Dec 6, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 2, 2022 EPSS Score
- May 31, 2022 EPSS Score
- Jul 30, 2022 EPSS Score
- Sep 26, 2022 EPSS Score
- Nov 24, 2022 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-938030.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-679335.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-158827.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-818688.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-756744.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-1113/ url
- https://nvd.nist.gov/vuln/detail/CVE-2021-37180 advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-1113 url