SSA-173615 — Vulnetix

SSA-173615 PUBLISHED CVSS 7.800000190734863 HIGH

Siemens has released version SE2021MP5 for Solid Edge to fix multiple heap based buffer overflow vulnerabilities that could be triggered when the application read files in PAR or ASM file formats. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution. Siemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Solid Edge SE2021

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/pdf/ssa-173615.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-173615.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-173615.json advisory

Open in Interactive Console →