CVE-2023-38679 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-38679 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21106)

EPSS 0.07% · 20.9th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

EPSS Score

0.07%

20.9th percentile

Affected Products

Vendor	Product	Versions
Siemens	Tecnomatix Plant Simulation V2302	All versions < V2302.0002
Siemens	Tecnomatix Plant Simulation V2201	All versions < V2201.0008
siemens	tecnomatix	2201, 2302

Timeline

Aug 8, 2023 CVE Published
Aug 9, 2023 EPSS Score
Sep 11, 2023 EPSS Score
Oct 14, 2023 EPSS Score
Nov 16, 2023 EPSS Score
Dec 19, 2023 EPSS Score
Jan 21, 2024 EPSS Score
Feb 23, 2024 EPSS Score
Mar 27, 2024 EPSS Score
Apr 4, 2024 CVE Updated
Apr 29, 2024 EPSS Score
Jun 1, 2024 EPSS Score

References

Open in Interactive Console →