CVE-2023-39549 — Vulnetix

CVE-2023-39549 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted DWG file. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19562)

EPSS 0.15% · 35.3th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C

EPSS Score

0.15%

35.3th percentile

Affected Products

Vendor	Product	Versions
siemens	solid_edge	*
Siemens	Solid Edge SE2023	All versions < V223.0 Update 2
seimens	se2023	0

Timeline

Aug 8, 2023 CVE Published
Aug 9, 2023 EPSS Score
Sep 12, 2023 EPSS Score
Oct 15, 2023 EPSS Score
Nov 18, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Jan 24, 2024 EPSS Score
Feb 26, 2024 EPSS Score
Mar 31, 2024 EPSS Score
May 3, 2024 EPSS Score
Jun 6, 2024 EPSS Score
Jul 10, 2024 EPSS Score

References

https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf url
https://nvd.nist.gov/vuln/detail/CVE-2023-39549 advisory

Open in Interactive Console →