SSA-518824 — Vulnetix

SSA-518824 PUBLISHED CVSS 3.299999952316284 LOW

Simcenter Femap and Parasolid are affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in X_T file formats. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process. Siemens has released updates for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS 3.1

3.299999952316284

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Simcenter Femap V2022.2
	Parasolid V34.1
	Parasolid V34.0
	Parasolid V35.0
	Simcenter Femap V2022.1
	Parasolid V33.1

Exploit Intelligence

https://support.sw.siemens.com/ (circl)
https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf (circl)
https://cert-portal.siemens.com/productcert/txt/ssa-518824.txt (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-518824.json (circl)

Timeline

CVE Published

References

https://support.sw.siemens.com/ fix
https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-518824.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-518824.json advisory

Open in Interactive Console →