CVE-2021-41539 — Vulnetix

CVE-2021-41539 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13773).

EPSS 0.68% · 72.0th percentile

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.68%

72.0th percentile

Affected Products

Vendor	Product	Versions
Siemens	Solid Edge SE2021	*
siemens	solid_edge	se2021, se2021, se2021

Exploit Intelligence

https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf (circl)
https://www.zerodayinitiative.com/advisories/ZDI-21-1123/ (circl)

Timeline

Apr 13, 2021 CVE Published
Sep 29, 2021 EPSS Score
Oct 5, 2021 EPSS Score
Oct 11, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 21, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 19, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Jul 11, 2022 EPSS Score
Sep 7, 2022 EPSS Score
Nov 3, 2022 EPSS Score

References

https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf url
https://www.zerodayinitiative.com/advisories/ZDI-21-1123/ url
https://nvd.nist.gov/vuln/detail/CVE-2021-41539 advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-1123 url

Open in Interactive Console →