SSA-932528 — Vulnetix

SSA-932528 PUBLISHED CVSS 2.200000047683716 LOW

Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as DWG, IFC, OBJ or STP format. If a user is tricked to open a malicious file with the affected application, an attacker could leverage the vulnerability to crash the application or execute arbitrary code. Siemens has released several updates for Solid Edge SE2023 and recommends to update to the latest version.

Risk Scores

CVSS v3.1

2.200000047683716

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Solid Edge SE2023

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-932528.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-932528.json advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-932528.txt advisory
https://support.sw.siemens.com/ fix

Open in Interactive Console →