CVE-2024-53242 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-53242 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-25206)

EPSS 0.13% · 31.8th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.13%

31.8th percentile

Affected Products

Vendor	Product	Versions
siemens	tecnomatix_plant_simulation	2302.0, 2404.0
siemens	teamcenter_visualization	14.2, 14.3, 2312.0
Siemens	Teamcenter Visualization V14.3	0
Siemens	Tecnomatix Plant Simulation V2404	0
Siemens	Teamcenter Visualization V14.2	0
Siemens	Tecnomatix Plant Simulation V2302	0
Siemens	Teamcenter Visualization V2312	0

Timeline

Dec 10, 2024 CVE Published
Dec 10, 2024 PoC Published
Dec 11, 2024 EPSS Score
Dec 12, 2024 PoC Published
Dec 27, 2024 EPSS Score
Jan 12, 2025 EPSS Score
Jan 22, 2025 PoC Published
Jan 29, 2025 EPSS Score
Feb 14, 2025 EPSS Score
Mar 2, 2025 EPSS Score
Mar 18, 2025 EPSS Score
Apr 2, 2025 Coalition ESS Score

References

Open in Interactive Console →