CVE-2024-54091 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-54091 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in Parasolid V36.1 (All versions < V36.1.225), Parasolid V37.0 (All versions < V37.0.173), Parasolid V37.1 (All versions < V37.1.109). The affected applications contain an out of bounds write vulnerability when parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

EPSS 0.11% · 29.1th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.11%

29.1th percentile

Affected Products

Vendor	Product	Versions
siemens	solid_edge_se2024	224.0, 224.0, 224.0
siemens	parasolid	36.1, 37.0
Siemens	Solid Edge SE2025	0
Siemens	Solid Edge SE2024	0
siemens	solid_edge_se2025	225.0, 225.0, 225.0

Timeline

Dec 10, 2024 CVE Published
Dec 10, 2024 PoC Published
Dec 11, 2024 EPSS Score
Dec 12, 2024 PoC Published
Dec 27, 2024 EPSS Score
Jan 12, 2025 EPSS Score
Jan 29, 2025 EPSS Score
Feb 14, 2025 EPSS Score
Mar 2, 2025 EPSS Score
Mar 18, 2025 EPSS Score
Apr 3, 2025 EPSS Score
Apr 5, 2025 Coalition ESS Score

References

Open in Interactive Console →