ID CVE-2022-39144
Summary A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)
References
Vulnerable Configurations
  • cpe:2.3:a:siemens:simcenter_femap:2022.2:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:simcenter_femap:2022.2:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:simcenter_femap:2022.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:simcenter_femap:2022.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:simcenter_femap:2022.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:simcenter_femap:2022.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:simcenter_femap:2022.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:simcenter_femap:2022.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:simcenter_femap:2022.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:simcenter_femap:2022.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:34.1:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:34.1:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:34.1.233:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:34.1.233:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:34.0:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:34.0.250:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:34.0.250:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:35.0:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:35.0:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:35.0.161:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:35.0.161:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:33.1:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:33.1:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:parasolid:33.1.262:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:parasolid:33.1.262:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 13-09-2022 - 15:13
Published 13-09-2022 - 10:15
Last modified 13-09-2022 - 15:13
Back to Top