VDB
SSA-932528
SSA-932528
PUBLISHED
CVSS 2.200000047683716 LOW
Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as DWG, IFC, OBJ or STP format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to crash the application or execute arbitrary code. Siemens has released several updates for Solid Edge SE2023 and recommends to update to the latest version.
Risk Scores
CVSS 3.1
2.200000047683716
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solid Edge SE2023 |
Exploit Intelligence
- https://cert-portal.siemens.com/productcert/html/ssa-932528.html (circl)
- https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json (circl)
- https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf (circl)
- https://cert-portal.siemens.com/productcert/txt/ssa-932528.txt (circl)
- https://support.sw.siemens.com/ (circl)
Timeline
- CVE Published
References
- https://cert-portal.siemens.com/productcert/html/ssa-932528.html advisory
- https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-932528.txt advisory
- https://support.sw.siemens.com/ fix