SSA-109294 — Vulnetix

SSA-109294 PUBLISHED CVSS 7.800000190734863 HIGH

Siemens Simcenter STAR-CCM+ Viewer is affected by a vulnerability that could be triggered when the application reads scene (.sce) files. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution or data extraction on the target host system. Siemens has released an update for Simcenter STAR-CCM+ Viewer and recommends to update to the latest version to fix the vulnerability. Siemens recommends to avoid opening of untrusted files from unknown sources.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Simcenter STAR-CCM+ Viewer

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/pdf/ssa-109294.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-109294.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-109294.json advisory
https://community.sw.siemens.com/s/article/Simcenter-STAR-CCM-Viewer-Download fix

Open in Interactive Console →