Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0121
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Siemens. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | JT Utilities versions antérieures à V13.2.3.0 | ||
| Siemens | N/A | Parasolid V35.0 versions antérieures à V35.0.170 | ||
| Siemens | N/A | TIA Project-Server versions antérieures à V1.1 | ||
| Siemens | N/A | COMOS V10.3.3.4 versions antérieures à V10.3.3.4.6 | ||
| Siemens | N/A | SCALANCE X204IRT (6GK5204-0BA00-2BA3) versions antérieures à V5.5.0 | ||
| Siemens | N/A | Parasolid V34.1 versions antérieures à V34.1.242 | ||
| Siemens | N/A | TIA Multiuser Server V16 toutes les versions | ||
| Siemens | N/A | COMOS V10.2 toutes les versions | ||
| Siemens | N/A | Simcenter Femap versions antérieures à V2023.1 | ||
| Siemens | N/A | Applications utilisant Mendix versions 9 (V9.12) antérieures à V9.12.10 | ||
| Siemens | N/A | Parasolid V35.1 versions antérieures à V35.1.150 | ||
| Siemens | N/A | COMOS V10.3.3.3 versions antérieures à V10.3.3.3.9 | ||
| Siemens | N/A | SCALANCE XF204IRT (6GK5204-0BA00-2BF2) versions antérieures à V5.5.0 | ||
| Siemens | N/A | Brownfield Connectivity - Client versions antérieures à V2.15 | ||
| Siemens | N/A | COMOS V10.4.2.0 versions antérieures à V10.4.2.0.25 | ||
| Siemens | N/A | TIA Multiuser Server V14 toutes les versions | ||
| Siemens | N/A | COMOS V10.3.3.1 versions antérieures à V10.3.3.1.45 | ||
| Siemens | N/A | Parasolid V34.0 versions antérieures à V34.0.254 | ||
| Siemens | N/A | SiPass integrated AC5102 (ACC-G2) versions antérieures à V2.85.44 | ||
| Siemens | N/A | Solid Edge SE2023 versions antérieures à V2023Update2 | ||
| Siemens | N/A | SiPass integrated ACC-AP versions antérieures à V2.85.43 | ||
| Siemens | N/A | SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2) versions antérieures à V5.5.0 | ||
| Siemens | N/A | COMOS V10.4.0.0 versions antérieures à V10.4.0.0.31 | ||
| Siemens | N/A | Applications utilisant Mendix versions 7 antérieures à V7.23.34 | ||
| Siemens | N/A | Applications utilisant Mendix versions 9 (V9.18) antérieures à V9.18.4 | ||
| Siemens | N/A | SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6) versions antérieures à V5.5.0 | ||
| Siemens | N/A | SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6) versions antérieures à V5.5.0 | ||
| Siemens | N/A | SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3) versions antérieures à V5.5.0 | ||
| Siemens | N/A | SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2) versions antérieures à V5.5.0 | ||
| Siemens | N/A | TIA Multiuser Server V15 versions antérieures à V15.1 Update 8 | ||
| Siemens | N/A | SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6) versions antérieures à V5.5.0 | ||
| Siemens | N/A | SCALANCE X202-2IRT (6GK5202-2BB00-2BA3) versions antérieures à V5.5.0 | ||
| Siemens | N/A | Applications utilisant Mendix versions 8 antérieures à V8.18.23 | ||
| Siemens | N/A | Famille de produits SIMATIC Field PG, SIMATIC IPC et SIMATIC ITP toutes les versions | ||
| Siemens | N/A | SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3) versions antérieures à V5.5.0 | ||
| Siemens | N/A | Brownfield Connectivity - Gateway versions antérieures à V1.11 | ||
| Siemens | N/A | SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3) versions antérieures à V5.5.0 | ||
| Siemens | N/A | TIA Multiuser Server V17 toutes les versions | ||
| Siemens | N/A | Famille de produits RUGGEDCOM APE1808 toutes les versions | ||
| Siemens | N/A | SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3) versions antérieures à V5.5.0 | ||
| Siemens | N/A | Applications utilisant Mendix versions 9 (V9.6) antérieures à V9.6.15 | ||
| Siemens | N/A | COMOS V10.4.1.0 versions antérieures à V10.4.1.0.32 | ||
| Siemens | N/A | SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2) versions antérieures à V5.5.0 | ||
| Siemens | N/A | COMOS V10.3.3.2 versions antérieures à V10.3.3.2.33 | ||
| Siemens | N/A | Tecnomatix Plant Simulation versions antérieures à V2201.0006 | ||
| Siemens | N/A | JT Open versions antérieures à V11.2.3.0 | ||
| Siemens | N/A | Applications utilisant Mendix versions 9 antérieures à V9.22.0 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "JT Utilities versions ant\u00e9rieures \u00e0 V13.2.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V35.0 versions ant\u00e9rieures \u00e0 V35.0.170",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Project-Server versions ant\u00e9rieures \u00e0 V1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.3.3.4 versions ant\u00e9rieures \u00e0 V10.3.3.4.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204IRT (6GK5204-0BA00-2BA3) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V34.1 versions ant\u00e9rieures \u00e0 V34.1.242",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Multiuser Server V16 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.2 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap versions ant\u00e9rieures \u00e0 V2023.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications utilisant Mendix versions 9 (V9.12) ant\u00e9rieures \u00e0 V9.12.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V35.1 versions ant\u00e9rieures \u00e0 V35.1.150",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.3.3.3 versions ant\u00e9rieures \u00e0 V10.3.3.3.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204IRT (6GK5204-0BA00-2BF2) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Brownfield Connectivity - Client versions ant\u00e9rieures \u00e0 V2.15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.4.2.0 versions ant\u00e9rieures \u00e0 V10.4.2.0.25",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Multiuser Server V14 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.3.3.1 versions ant\u00e9rieures \u00e0 V10.3.3.1.45",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V34.0 versions ant\u00e9rieures \u00e0 V34.0.254",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiPass integrated AC5102 (ACC-G2) versions ant\u00e9rieures \u00e0 V2.85.44",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2023 versions ant\u00e9rieures \u00e0 V2023Update2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiPass integrated ACC-AP versions ant\u00e9rieures \u00e0 V2.85.43",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.4.0.0 versions ant\u00e9rieures \u00e0 V10.4.0.0.31",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications utilisant Mendix versions 7 ant\u00e9rieures \u00e0 V7.23.34",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications utilisant Mendix versions 9 (V9.18) ant\u00e9rieures \u00e0 V9.18.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Multiuser Server V15 versions ant\u00e9rieures \u00e0 V15.1 Update 8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X202-2IRT (6GK5202-2BB00-2BA3) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications utilisant Mendix versions 8 ant\u00e9rieures \u00e0 V8.18.23",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Famille de produits SIMATIC Field PG, SIMATIC IPC et SIMATIC ITP toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Brownfield Connectivity - Gateway versions ant\u00e9rieures \u00e0 V1.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Multiuser Server V17 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Famille de produits RUGGEDCOM APE1808 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications utilisant Mendix versions 9 (V9.6) ant\u00e9rieures \u00e0 V9.6.15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.4.1.0 versions ant\u00e9rieures \u00e0 V10.4.1.0.32",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2) versions ant\u00e9rieures \u00e0 V5.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "COMOS V10.3.3.2 versions ant\u00e9rieures \u00e0 V10.3.3.2.33",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation versions ant\u00e9rieures \u00e0 V2201.0006",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "JT Open versions ant\u00e9rieures \u00e0 V11.2.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications utilisant Mendix versions 9 ant\u00e9rieures \u00e0 V9.22.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-24556",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24556"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-24990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24990"
},
{
"name": "CVE-2022-39157",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39157"
},
{
"name": "CVE-2022-46345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46345"
},
{
"name": "CVE-2023-22669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22669"
},
{
"name": "CVE-2023-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24549"
},
{
"name": "CVE-2023-24560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24560"
},
{
"name": "CVE-2022-31808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31808"
},
{
"name": "CVE-2022-46347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46347"
},
{
"name": "CVE-2022-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27536"
},
{
"name": "CVE-2022-46349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46349"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2023-24552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24552"
},
{
"name": "CVE-2021-43391",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43391"
},
{
"name": "CVE-2023-24980",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24980"
},
{
"name": "CVE-2021-32936",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32936"
},
{
"name": "CVE-2022-33984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33984"
},
{
"name": "CVE-2023-24551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24551"
},
{
"name": "CVE-2022-46346",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46346"
},
{
"name": "CVE-2023-24992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24992"
},
{
"name": "CVE-2022-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21198"
},
{
"name": "CVE-2007-5846",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
},
{
"name": "CVE-2022-33906",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33906"
},
{
"name": "CVE-2023-24562",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24562"
},
{
"name": "CVE-2023-24482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24482"
},
{
"name": "CVE-2023-24994",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24994"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2022-43397",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43397"
},
{
"name": "CVE-2023-24561",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24561"
},
{
"name": "CVE-2023-24995",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24995"
},
{
"name": "CVE-2022-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30774"
},
{
"name": "CVE-2023-24553",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24553"
},
{
"name": "CVE-2023-24984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24984"
},
{
"name": "CVE-2021-32938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32938"
},
{
"name": "CVE-2023-24993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24993"
},
{
"name": "CVE-2023-24558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24558"
},
{
"name": "CVE-2022-46348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46348"
},
{
"name": "CVE-2023-22295",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22295"
},
{
"name": "CVE-2021-32948",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32948"
},
{
"name": "CVE-2022-33982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33982"
},
{
"name": "CVE-2023-22846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22846"
},
{
"name": "CVE-2023-24983",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24983"
},
{
"name": "CVE-2022-47936",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47936"
},
{
"name": "CVE-2022-47977",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47977"
},
{
"name": "CVE-2023-24550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24550"
},
{
"name": "CVE-2023-24565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24565"
},
{
"name": "CVE-2023-25140",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25140"
},
{
"name": "CVE-2023-24988",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24988"
},
{
"name": "CVE-2022-35868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35868"
},
{
"name": "CVE-2023-24554",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24554"
},
{
"name": "CVE-2022-33907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33907"
},
{
"name": "CVE-2021-43336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43336"
},
{
"name": "CVE-2023-24581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24581"
},
{
"name": "CVE-2023-22321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22321"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24557"
},
{
"name": "CVE-2023-24566",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24566"
},
{
"name": "CVE-2023-24978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24978"
},
{
"name": "CVE-2023-24555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24555"
},
{
"name": "CVE-2023-24979",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24979"
},
{
"name": "CVE-2023-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22354"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2023-24987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24987"
},
{
"name": "CVE-2023-24986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24986"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2023-23579",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23579"
},
{
"name": "CVE-2023-24564",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24564"
},
{
"name": "CVE-2023-24982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24982"
},
{
"name": "CVE-2023-24996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24996"
},
{
"name": "CVE-2022-31243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31243"
},
{
"name": "CVE-2023-24563",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24563"
},
{
"name": "CVE-2023-24985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24985"
},
{
"name": "CVE-2023-24991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24991"
},
{
"name": "CVE-2023-24981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24981"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-33908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33908"
},
{
"name": "CVE-2023-23835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23835"
},
{
"name": "CVE-2023-24559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24559"
},
{
"name": "CVE-2023-24989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24989"
},
{
"name": "CVE-2023-22670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22670"
}
],
"initial_release_date": "2023-02-14T00:00:00",
"last_revision_date": "2023-02-14T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-617755.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-658793.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-686975.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693110.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens du 14 f\u00e9vrier 2023",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf"
}
],
"reference": "CERTFR-2023-AVI-0121",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-02-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-847261 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-693110 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-953464 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-744259 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-617755 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-658793 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-450613 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-491245 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-686975 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-836777 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-565356 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-252808 du 14 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens SSA-640968 du 14 f\u00e9vrier 2023",
"url": null
}
]
}
CVE-2023-24482 (GCVE-0-2023-24482)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25). Cache validation service in COMOS is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | COMOS V10.2 |
Version: All versions |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693110.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:13:59.134812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:14:10.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "COMOS V10.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.3.3.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.3.3.1.45"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.3.3.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.3.3.2.33"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.3.3.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.3.3.3.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.3.3.4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.3.3.4.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.4.0.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.4.0.0.31"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.4.1.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.4.1.0.32"
}
]
},
{
"defaultStatus": "unknown",
"product": "COMOS V10.4.2.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V10.4.2.0.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions \u003c V10.3.3.1.45), COMOS V10.3.3.2 (All versions \u003c V10.3.3.2.33), COMOS V10.3.3.3 (All versions \u003c V10.3.3.3.9), COMOS V10.3.3.4 (All versions \u003c V10.3.3.4.6), COMOS V10.4.0.0 (All versions \u003c V10.4.0.0.31), COMOS V10.4.1.0 (All versions \u003c V10.4.1.0.32), COMOS V10.4.2.0 (All versions \u003c V10.4.2.0.25). Cache validation service in COMOS is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:59.994Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693110.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24482",
"datePublished": "2023-02-14T10:36:24.707Z",
"dateReserved": "2023-01-24T13:52:15.873Z",
"dateUpdated": "2025-03-20T16:14:10.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39157 (GCVE-0-2022-39157)
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2025-04-21 13:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.0 (All versions >= V34.0.252 < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V34.1 (All versions >= V34.1.242 < V34.1.244), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.0 (All versions >= V35.0.170 < V35.0.184), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17745)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V34.0 |
Version: All versions < V34.0.252 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:22:35.932896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:47:13.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V34.0.252 \u003c V34.0.254"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V34.1.242 \u003c V34.1.244"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V35.0.170 \u003c V35.0.184"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Femap",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2023.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.0 (All versions \u003e= V34.0.252 \u003c V34.0.254), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V34.1 (All versions \u003e= V34.1.242 \u003c V34.1.244), Parasolid V35.0 (All versions \u003c V35.0.170), Parasolid V35.0 (All versions \u003e= V35.0.170 \u003c V35.0.184), Simcenter Femap (All versions \u003c V2023.1). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17745)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:49.998Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-39157",
"datePublished": "2022-11-08T00:00:00.000Z",
"dateReserved": "2022-09-01T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:47:13.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33982 (GCVE-0-2022-33982)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 20:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. This issue was discovered by Insyde engineering during a security review. This issue is fixed in Kernel 5.2: 05.27.23, Kernel 5.3: 05.36.23, Kernel 5.4: 05.44.23 and Kernel 5.5: 05.52.23 CWE-367
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:16.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022052"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33982",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T20:17:37.339826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T20:18:26.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. This issue was discovered by Insyde engineering during a security review. This issue is fixed in Kernel 5.2: 05.27.23, Kernel 5.3: 05.36.23, Kernel 5.4: 05.44.23 and Kernel 5.5: 05.52.23 CWE-367"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022052"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-33982",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-06-18T00:00:00.000Z",
"dateUpdated": "2025-04-30T20:18:26.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46345 (GCVE-0-2022-46345)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:siemens:parasolid:33.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "parasolid",
"vendor": "siemens",
"versions": [
{
"lessThan": "33.1.264",
"status": "affected",
"version": "33.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:solid_edge:se2022:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "solid_edge",
"vendor": "siemens",
"versions": [
{
"lessThan": "v223.0",
"status": "affected",
"version": "se2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:parasolid:34.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "parasolid",
"vendor": "siemens",
"versions": [
{
"lessThan": "34.1.242",
"status": "affected",
"version": "34.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:parasolid:35.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "parasolid",
"vendor": "siemens",
"versions": [
{
"lessThan": "35.0.170",
"status": "affected",
"version": "35.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:siemens:parasolid:34.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "parasolid",
"vendor": "siemens",
"versions": [
{
"lessThan": "34.0.252",
"status": "affected",
"version": "34.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T13:00:20.745055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T19:22:59.367Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V33.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V33.1.264"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions \u003c V33.1.264), Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:10.275Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-46345",
"datePublished": "2022-12-13T00:00:00",
"dateReserved": "2022-11-30T00:00:00",
"dateUpdated": "2024-08-03T14:31:46.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24978 (GCVE-0-2023-24978)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 14:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19788)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T14:08:54.259527Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:10:30.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19788)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:35.828Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24978",
"datePublished": "2023-02-14T10:36:47.474Z",
"dateReserved": "2023-02-01T09:35:11.542Z",
"dateUpdated": "2025-03-20T14:10:30.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24990 (GCVE-0-2023-24990)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 19:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:11:18.558894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:11:27.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:48.151Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24990",
"datePublished": "2023-02-14T10:37:00.759Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-19T19:11:27.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24565 (GCVE-0-2023-24565)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:51:38.823732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:51:47.868Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:32.753Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24565",
"datePublished": "2023-02-14T10:36:44.102Z",
"dateReserved": "2023-01-26T16:20:20.792Z",
"dateUpdated": "2025-03-20T18:51:47.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-47977 (GCVE-0-2022-47977)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT Open |
Version: All versions < V11.2.3.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-47977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:49:04.865039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:49:09.008Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT Open",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V11.2.3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "JT Utilities",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT Open (All versions \u003c V11.2.3.0), JT Utilities (All versions \u003c V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:57.845Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-47977",
"datePublished": "2023-02-14T10:36:22.513Z",
"dateReserved": "2022-12-28T09:38:47.265Z",
"dateUpdated": "2025-03-20T16:49:09.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46349 (GCVE-0-2022-46349)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19384)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:45.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:21:12.567451Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:42:27.034Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V33.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V33.1.264"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions \u003c V33.1.264), Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19384)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:14.921Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-46349",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-11-30T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:42:27.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46347 (GCVE-0-2022-46347)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:45.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46347",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:21:20.520359Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:42:43.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V33.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V33.1.264"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions \u003c V33.1.264), Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:12.594Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-46347",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-11-30T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:42:43.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24984 (GCVE-0-2023-24984)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19806)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:17:52.397656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:18:02.858Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19806)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:42.061Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24984",
"datePublished": "2023-02-14T10:36:54.131Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-20T18:18:02.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21198 (GCVE-0-2022-21198)
Vulnerability from cvelistv5
Published
2022-11-11 15:49
Modified
2025-02-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- escalation of privilege
Summary
Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T20:38:21.227981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T17:58:34.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T17:46:28.257Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00688.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-21198",
"datePublished": "2022-11-11T15:49:10.831Z",
"dateReserved": "2022-02-18T21:23:59.775Z",
"dateUpdated": "2025-02-04T17:58:34.848Z",
"requesterUserId": "524a9a6b-3515-4b97-ab85-1a9a79493852",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1343 (GCVE-0-2022-1343)
Vulnerability from cvelistv5
Published
2022-05-03 15:15
Modified
2025-05-05 16:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect signature verfication
Summary
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL "ocsp" application. When verifying an ocsp response with the "-no_cert_checks" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:05.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-1343",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:12.804295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:42:39.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Raul Metsma"
}
],
"datePublic": "2022-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL \"ocsp\" application. When verifying an ocsp response with the \"-no_cert_checks\" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Moderate",
"value": "Moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect signature verfication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2eda98790c5c2741d76d23cc1e74b0dc4f4b391a"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "OCSP_basic_verify may incorrectly verify the response signing certificate"
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-1343",
"datePublished": "2022-05-03T15:15:21.496Z",
"dateReserved": "2022-04-13T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:42:39.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31243 (GCVE-0-2022-31243)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in Kernel 5.2: 05.27.21. Kernel 5.3: 05.36.21. Kernel 5.4: 05.44.21. Kernel 5.5: 05.52.21 https://www.insyde.com/security-pledge/SA-2022044
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022044"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T19:09:24.358038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T19:10:05.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. \"DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption. This issue was discovered by Insyde engineering based on the general description provided by Intel\u0027s iSTARE group. Fixed in Kernel 5.2: 05.27.21. Kernel 5.3: 05.36.21. Kernel 5.4: 05.44.21. Kernel 5.5: 05.52.21 https://www.insyde.com/security-pledge/SA-2022044"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022044"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-31243",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-05-19T00:00:00.000Z",
"dateUpdated": "2025-04-30T19:10:05.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1473 (GCVE-0-2022-1473)
Vulnerability from cvelistv5
Published
2022-05-03 15:15
Modified
2025-05-05 16:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication. The function was added in the OpenSSL 3.0 version thus older releases are not affected by the issue. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:06.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"name": "GLSA-202210-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-1473",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:10.537811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "CWE-459 Incomplete Cleanup",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:42:05.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Aliaksei Levin"
}
],
"datePublic": "2022-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long lived processes might be TLS clients or TLS servers configured to accept client certificate authentication. The function was added in the OpenSSL 3.0 version thus older releases are not affected by the issue. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=64c85430f95200b6b51fe9475bd5203f7c19daf1"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"name": "GLSA-202210-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "Resource leakage when decoding certificates and keys"
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-1473",
"datePublished": "2022-05-03T15:15:25.051Z",
"dateReserved": "2022-04-26T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:42:05.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24987 (GCVE-0-2023-24987)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-19 19:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19809)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24987",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:20:01.293222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:20:09.266Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19809)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:45.154Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24987",
"datePublished": "2023-02-14T10:36:57.396Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-19T19:20:09.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24550 (GCVE-0-2023-24550)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to heap-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:03:40.888656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:03:47.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to heap-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:17.103Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24550",
"datePublished": "2023-02-14T10:36:26.898Z",
"dateReserved": "2023-01-26T14:06:35.398Z",
"dateUpdated": "2025-03-20T16:03:47.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24564 (GCVE-0-2023-24564)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a memory corruption vulnerability while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19069)
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:54:09.762040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:54:17.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application contains a memory corruption vulnerability while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19069)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:31.708Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24564",
"datePublished": "2023-02-14T10:36:43.008Z",
"dateReserved": "2023-01-26T16:20:20.791Z",
"dateUpdated": "2025-03-20T18:54:17.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24559 (GCVE-0-2023-24559)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:19.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:50:34.715791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:50:41.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:26.597Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24559",
"datePublished": "2023-02-14T10:36:37.176Z",
"dateReserved": "2023-01-26T14:06:35.401Z",
"dateUpdated": "2025-03-20T19:50:41.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24986 (GCVE-0-2023-24986)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-19 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19808)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24986",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:21:37.407351Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:21:52.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19808)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:44.133Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24986",
"datePublished": "2023-02-14T10:36:56.309Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-19T19:21:52.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5846 (GCVE-0-2007-5846)
Vulnerability from cvelistv5
Published
2007-11-06 21:00
Modified
2024-08-07 15:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27965"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=528095\u0026group_id=12694"
},
{
"name": "USN-564-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-564-1"
},
{
"name": "28413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28413"
},
{
"name": "38904",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38904"
},
{
"name": "MDKSA-2007:225",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:225"
},
{
"name": "ADV-2007-3802",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3802"
},
{
"name": "27733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27733"
},
{
"name": "27685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27685"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1712988\u0026group_id=12694\u0026atid=112694"
},
{
"name": "20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490917/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=198346"
},
{
"name": "FEDORA-2007-3019",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00613.html"
},
{
"name": "GLSA-200711-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-31.xml"
},
{
"name": "SUSE-SR:2007:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730"
},
{
"name": "1018918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018918"
},
{
"name": "29785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29785"
},
{
"name": "27558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27558"
},
{
"name": "26378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26378"
},
{
"name": "ADV-2008-1234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1234/references"
},
{
"name": "RHSA-2007:1045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1045.html"
},
{
"name": "28825",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28825"
},
{
"name": "DSA-1483",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1483"
},
{
"name": "oval:org.mitre.oval:def:11258",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11258"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-4-1/net-snmp/agent/snmp_agent.c?view=log"
},
{
"name": "[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000014.html"
},
{
"name": "27740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27740"
},
{
"name": "27689",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27689"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "27965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27965"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=528095\u0026group_id=12694"
},
{
"name": "USN-564-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-564-1"
},
{
"name": "28413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28413"
},
{
"name": "38904",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38904"
},
{
"name": "MDKSA-2007:225",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:225"
},
{
"name": "ADV-2007-3802",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3802"
},
{
"name": "27733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27733"
},
{
"name": "27685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27685"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1712988\u0026group_id=12694\u0026atid=112694"
},
{
"name": "20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490917/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=198346"
},
{
"name": "FEDORA-2007-3019",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00613.html"
},
{
"name": "GLSA-200711-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-31.xml"
},
{
"name": "SUSE-SR:2007:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730"
},
{
"name": "1018918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018918"
},
{
"name": "29785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29785"
},
{
"name": "27558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27558"
},
{
"name": "26378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26378"
},
{
"name": "ADV-2008-1234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1234/references"
},
{
"name": "RHSA-2007:1045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1045.html"
},
{
"name": "28825",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28825"
},
{
"name": "DSA-1483",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1483"
},
{
"name": "oval:org.mitre.oval:def:11258",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11258"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-4-1/net-snmp/agent/snmp_agent.c?view=log"
},
{
"name": "[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000014.html"
},
{
"name": "27740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27740"
},
{
"name": "27689",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27689"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-5846",
"datePublished": "2007-11-06T21:00:00",
"dateReserved": "2007-11-06T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24558 (GCVE-0-2023-24558)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24558",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:50:52.034437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:51:04.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:25.558Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24558",
"datePublished": "2023-02-14T10:36:36.036Z",
"dateReserved": "2023-01-26T14:06:35.400Z",
"dateUpdated": "2025-03-20T19:51:04.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24983 (GCVE-0-2023-24983)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19805)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24983",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:40:17.564340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:40:26.106Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19805)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:41.019Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24983",
"datePublished": "2023-02-14T10:36:53.001Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-20T18:40:26.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33906 (GCVE-0-2022-33906)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 18:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.23, 5.3: 05.36.23, 5.4: 05.44.23, 5.5: 05.52.23 https://www.insyde.com/security-pledge/SA-2022048
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022048"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T18:53:13.901743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T18:56:41.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel\u0027s iSTARE group. Fixed in kernel 5.2: 05.27.23, 5.3: 05.36.23, 5.4: 05.44.23, 5.5: 05.52.23 https://www.insyde.com/security-pledge/SA-2022048"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022048"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-33906",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2025-04-30T18:56:41.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30774 (GCVE-0-2022-30774)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 19:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) . This issue was discovered by Insyde engineering during a security review. This iss was fixed in Kernel 5.2: 05.27.29, Kernel 5.3: 05.36.25, Kernel 5.4: 05.44.25, Kernel 5.5: 05.52.25. CWE-367 https://www.insyde.com/security-pledge/SA-2022043
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:14.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022043"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-30774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T19:12:39.035985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T19:13:10.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) . This issue was discovered by Insyde engineering during a security review. This iss was fixed in Kernel 5.2: 05.27.29, Kernel 5.3: 05.36.25, Kernel 5.4: 05.44.25, Kernel 5.5: 05.52.25. CWE-367 https://www.insyde.com/security-pledge/SA-2022043"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022043"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-30774",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-05-16T00:00:00.000Z",
"dateUpdated": "2025-04-30T19:13:10.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43397 (GCVE-0-2022-43397)
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2025-04-21 13:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17854)
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V34.0 |
Version: All versions < V34.0.252 |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:32:57.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:22:12.468907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:46:27.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Simcenter Femap",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2023.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Simcenter Femap (All versions \u003c V2023.1). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17854)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:50.974Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853037.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-565356.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43397",
"datePublished": "2022-11-08T00:00:00.000Z",
"dateReserved": "2022-10-18T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:46:27.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24556 (GCVE-0-2023-24556)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:19.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24556",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:51:52.678576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:52:00.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:23.467Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24556",
"datePublished": "2023-02-14T10:36:33.749Z",
"dateReserved": "2023-01-26T14:06:35.400Z",
"dateUpdated": "2025-03-20T19:52:00.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33908 (GCVE-0-2022-33908)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 18:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdHostDriver driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022050
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022050"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T18:34:10.692241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T18:35:31.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdHostDriver driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel\u0027s iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022050"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022050"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-33908",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2025-04-30T18:35:31.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24552 (GCVE-0-2023-24552)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2024-08-02 11:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:19.249Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24552",
"datePublished": "2023-02-14T10:36:29.146Z",
"dateReserved": "2023-01-26T14:06:35.399Z",
"dateUpdated": "2024-08-02T11:03:18.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22295 (GCVE-0-2023-22295)
Vulnerability from cvelistv5
Published
2023-04-20 18:09
Modified
2025-01-16 21:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
Datakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Datakit | CrossCAD/Ware_x64 library |
Version: 0 < 2023.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:05.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:21:23.843157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:36:13.393Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CrossCAD/Ware_x64 library",
"vendor": "Datakit",
"versions": [
{
"lessThan": "2023.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDatakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.\u003c/p\u003e"
}
],
"value": "Datakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T18:09:44.137Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\nDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \n\n\u003cbr\u003e"
}
],
"value": "Datakit recommends user upgrade to v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2023-22295",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \u003c/p\u003e\n\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware \u003c/li\u003e\n\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version. \u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Datakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \n\n\n * Do not open untrusted SLDPRT files with CrossCAD/Ware \n\n * Update CrossCAD/Ware to 2023.1 or a later version. \n\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "VINCE 2.0.7",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-22295"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22295",
"datePublished": "2023-04-20T18:09:44.137Z",
"dateReserved": "2023-01-23T18:59:04.548Z",
"dateUpdated": "2025-01-16T21:36:13.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31808 (GCVE-0-2022-31808)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 20:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface.
This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | SiPass integrated AC5102 (ACC-G2) |
Version: All versions < V2.85.44 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-658793.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31808",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T20:14:00.542637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T20:14:08.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SiPass integrated AC5102 (ACC-G2)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.85.44"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiPass integrated ACC-AP",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.85.43"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions \u003c V2.85.44), SiPass integrated ACC-AP (All versions \u003c V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface.\r\n\r\nThis could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:44.436Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-658793.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-31808",
"datePublished": "2023-02-14T10:36:07.859Z",
"dateReserved": "2022-05-30T10:21:52.587Z",
"dateUpdated": "2025-03-20T20:14:08.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46346 (GCVE-0-2022-46346)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:45.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V33.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V33.1.264"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions \u003c V33.1.264), Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:11.475Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-46346",
"datePublished": "2022-12-13T00:00:00",
"dateReserved": "2022-11-30T00:00:00",
"dateUpdated": "2024-08-03T14:31:45.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24563 (GCVE-0-2023-24563)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24563",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:48:53.283010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:49:01.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:30.687Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24563",
"datePublished": "2023-02-14T10:36:41.883Z",
"dateReserved": "2023-01-26T14:06:35.401Z",
"dateUpdated": "2025-03-20T19:49:01.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24994 (GCVE-0-2023-24994)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:10:12.304077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:10:19.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:52.093Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24994",
"datePublished": "2023-02-14T10:37:05.417Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-19T19:10:19.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24992 (GCVE-0-2023-24992)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-18 17:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T17:46:58.141737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T17:48:05.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:50.120Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24992",
"datePublished": "2023-02-14T10:37:03.196Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-18T17:48:05.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24566 (GCVE-0-2023-24566)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 15:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19472)
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:19.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24566",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T15:06:05.105221Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T15:06:08.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19472)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:33.773Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24566",
"datePublished": "2023-02-14T10:36:45.233Z",
"dateReserved": "2023-01-26T16:20:20.792Z",
"dateUpdated": "2025-03-20T15:06:08.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24557 (GCVE-0-2023-24557)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24557",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:51:28.497365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:51:39.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:24.502Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24557",
"datePublished": "2023-02-14T10:36:34.877Z",
"dateReserved": "2023-01-26T14:06:35.400Z",
"dateUpdated": "2025-03-20T19:51:39.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24549 (GCVE-0-2023-24549)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24549",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:09:17.258625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:10:28.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:15.989Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24549",
"datePublished": "2023-02-14T10:36:25.778Z",
"dateReserved": "2023-01-26T14:06:35.398Z",
"dateUpdated": "2025-03-20T16:10:28.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32936 (GCVE-0-2021-32936)
Vulnerability from cvelistv5
Published
2021-06-17 00:00
Modified
2024-08-03 23:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - OUT-OF-BOUNDS WRITE
Summary
An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Drawings SDK |
Version: All versions prior to 2022.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:56.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-982/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drawings SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2022.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "OUT-OF-BOUNDS WRITE CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-982/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32936",
"datePublished": "2021-06-17T00:00:00",
"dateReserved": "2021-05-13T00:00:00",
"dateUpdated": "2024-08-03T23:33:56.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23835 (GCVE-0-2023-23835)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Applications using Mendix 8 (All versions < V8.18.23), Mendix Applications using Mendix 9 (All versions < V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.10), Mendix Applications using Mendix 9 (V9.18) (All versions < V9.18.4), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.15). Some of the Mendix runtime API’s allow attackers to bypass XPath constraints and retrieve information using XPath queries that trigger errors.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Mendix Applications using Mendix 7 |
Version: All versions < V7.23.34 |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23835",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:18:41.457961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:25:54.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 7",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.23.34"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 8",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.18.23"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 9",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.22.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 9 (V9.12)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.12.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 9 (V9.18)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.18.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 9 (V9.6)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.6.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions \u003c V7.23.34), Mendix Applications using Mendix 8 (All versions \u003c V8.18.23), Mendix Applications using Mendix 9 (All versions \u003c V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions \u003c V9.12.10), Mendix Applications using Mendix 9 (V9.18) (All versions \u003c V9.18.4), Mendix Applications using Mendix 9 (V9.6) (All versions \u003c V9.6.15). Some of the Mendix runtime API\u2019s allow attackers to bypass XPath constraints and retrieve information using XPath queries that trigger errors."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:58.910Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-252808.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-23835",
"datePublished": "2023-02-14T10:36:23.615Z",
"dateReserved": "2023-01-18T10:28:31.589Z",
"dateUpdated": "2025-03-20T16:25:54.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24988 (GCVE-0-2023-24988)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-19 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19810)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24988",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:17:46.296269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:17:53.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19810)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:46.168Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24988",
"datePublished": "2023-02-14T10:36:58.514Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-19T19:17:53.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24979 (GCVE-0-2023-24979)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19789)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:51:00.519936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:51:09.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19789)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:36.850Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24979",
"datePublished": "2023-02-14T10:36:48.580Z",
"dateReserved": "2023-02-01T09:35:11.542Z",
"dateUpdated": "2025-03-20T18:51:09.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24996 (GCVE-0-2023-24996)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 15:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T15:28:12.598433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T15:28:24.962Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:54.082Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24996",
"datePublished": "2023-02-14T10:37:07.528Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-19T15:28:24.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24993 (GCVE-0-2023-24993)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-20 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:12:57.948197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:13:05.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:51.106Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24993",
"datePublished": "2023-02-14T10:37:04.297Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-20T18:13:05.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24921 (GCVE-0-2022-24921)
Vulnerability from cvelistv5
Published
2022-03-05 00:00
Modified
2024-08-03 04:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:01.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0010/"
},
{
"name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html"
},
{
"name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220325-0010/"
},
{
"name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html"
},
{
"name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-24921",
"datePublished": "2022-03-05T00:00:00",
"dateReserved": "2022-02-10T00:00:00",
"dateUpdated": "2024-08-03T04:29:01.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41771 (GCVE-0-2021-41771)
Vulnerability from cvelistv5
Published
2021-11-08 00:00
Modified
2024-08-04 03:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:29.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2021-2ef35beebf",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/"
},
{
"name": "FEDORA-2021-2b2dd1b5a7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0003/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2021-2ef35beebf",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/"
},
{
"name": "FEDORA-2021-2b2dd1b5a7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211210-0003/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41771",
"datePublished": "2021-11-08T00:00:00",
"dateReserved": "2021-09-28T00:00:00",
"dateUpdated": "2024-08-04T03:15:29.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22846 (GCVE-0-2023-22846)
Vulnerability from cvelistv5
Published
2023-04-20 18:15
Modified
2025-01-16 21:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Datakit | CrossCAD/Ware_x64 library 0 |
Version: 0 < 2023.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22846",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:21:15.417010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:35:52.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CrossCAD/Ware_x64 library 0",
"vendor": "Datakit",
"versions": [
{
"lessThan": "2023.1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
}
],
"value": "\n\n\n\n\n\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \n\n \n\n \n\n \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T18:15:19.219Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nDatakit recommends user upgrade to v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-103-14",
"discovery": "EXTERNAL"
},
"title": "Datakit CrossCAD/Ware",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware\u003c/li\u003e\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\n\n * Do not open untrusted SLDPRT files with CrossCAD/Ware\n * Update CrossCAD/Ware to 2023.1 or a later version.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22846",
"datePublished": "2023-04-20T18:15:19.219Z",
"dateReserved": "2023-01-23T18:59:04.544Z",
"dateUpdated": "2025-01-16T21:35:52.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35868 (GCVE-0-2022-35868)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2024-08-13 07:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-426 - Untrusted Search Path
Summary
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | TIA Multiuser Server V14 |
Version: 0 < * |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:44:22.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "TIA Multiuser Server V14",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Multiuser Server V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 8"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Project-Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Project-Server V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Project-Server V17",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions \u003c V15.1 Update 8), TIA Project-Server (All versions \u003c V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions \u003c V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426: Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:50:22.699Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-640968.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-35868",
"datePublished": "2023-02-14T10:36:08.964Z",
"dateReserved": "2022-07-14T16:20:28.861Z",
"dateUpdated": "2024-08-13T07:50:22.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24581 (GCVE-0-2023-24581)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 14:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted STP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19425)
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24581",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T14:10:44.320619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:10:54.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted STP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19425)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:34.788Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24581",
"datePublished": "2023-02-14T10:36:46.345Z",
"dateReserved": "2023-01-27T16:12:53.048Z",
"dateUpdated": "2025-03-20T14:10:54.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41772 (GCVE-0-2021-41772)
Vulnerability from cvelistv5
Published
2021-11-08 00:00
Modified
2024-08-04 03:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:29.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2021-2ef35beebf",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/"
},
{
"name": "FEDORA-2021-2b2dd1b5a7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0003/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2021-2ef35beebf",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/"
},
{
"name": "FEDORA-2021-2b2dd1b5a7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211210-0003/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41772",
"datePublished": "2021-11-08T00:00:00",
"dateReserved": "2021-09-28T00:00:00",
"dateUpdated": "2024-08-04T03:15:29.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24554 (GCVE-0-2023-24554)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 15:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24554",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T15:59:45.313832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T15:59:50.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:21.336Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24554",
"datePublished": "2023-02-14T10:36:31.375Z",
"dateReserved": "2023-01-26T14:06:35.399Z",
"dateUpdated": "2025-03-20T15:59:50.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24982 (GCVE-0-2023-24982)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24982",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:48:47.448219Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:48:56.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:39.937Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24982",
"datePublished": "2023-02-14T10:36:51.881Z",
"dateReserved": "2023-02-01T09:35:11.542Z",
"dateUpdated": "2025-03-20T18:48:56.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24981 (GCVE-0-2023-24981)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19791)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24981",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:50:31.200869Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:50:38.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19791)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:38.915Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24981",
"datePublished": "2023-02-14T10:36:50.780Z",
"dateReserved": "2023-02-01T09:35:11.542Z",
"dateUpdated": "2025-03-20T18:50:38.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24555 (GCVE-0-2023-24555)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2024-08-02 11:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:19.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:22.404Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24555",
"datePublished": "2023-02-14T10:36:32.550Z",
"dateReserved": "2023-01-26T14:06:35.400Z",
"dateUpdated": "2024-08-02T11:03:19.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24560 (GCVE-0-2023-24560)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:50:15.418649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:50:22.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:27.615Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24560",
"datePublished": "2023-02-14T10:36:38.321Z",
"dateReserved": "2023-01-26T14:06:35.401Z",
"dateUpdated": "2025-03-20T19:50:22.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24989 (GCVE-0-2023-24989)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-19 19:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:15:47.590657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:16:04.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:47.161Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24989",
"datePublished": "2023-02-14T10:36:59.619Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-19T19:16:04.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43336 (GCVE-0-2021-43336)
Vulnerability from cvelistv5
Published
2021-11-14 00:00
Modified
2024-08-04 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An Out-of-Bounds Write vulnerability exists when reading a DXF or DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF and DWG files. Crafted data in a DXF or DWG file (an invalid number of properties) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:55:28.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.opendesign.com/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-334/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-of-Bounds Write vulnerability exists when reading a DXF or DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF and DWG files. Crafted data in a DXF or DWG file (an invalid number of properties) can trigger a write operation past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.opendesign.com/security-advisories"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-334/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43336",
"datePublished": "2021-11-14T00:00:00",
"dateReserved": "2021-11-03T00:00:00",
"dateUpdated": "2024-08-04T03:55:28.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22669 (GCVE-0-2023-22669)
Vulnerability from cvelistv5
Published
2023-04-15 00:00
Modified
2025-05-05 16:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.096Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.opendesign.com/security-advisories"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22669",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:28:38.735223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:05:58.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-15T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.opendesign.com/security-advisories"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-22669",
"datePublished": "2023-04-15T00:00:00.000Z",
"dateReserved": "2023-01-06T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:05:58.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24562 (GCVE-0-2023-24562)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:49:13.440152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:49:22.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:29.675Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24562",
"datePublished": "2023-02-14T10:36:40.716Z",
"dateReserved": "2023-01-26T14:06:35.401Z",
"dateUpdated": "2025-03-20T19:49:22.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33984 (GCVE-0-2022-33984)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 20:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. This was fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022054
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:16.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022054"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T20:01:56.562523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T20:02:19.323Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel\u0027s iSTARE group. This was fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022054"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022054"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-33984",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-06-18T00:00:00.000Z",
"dateUpdated": "2025-04-30T20:02:19.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27536 (GCVE-0-2022-27536)
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 05:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:58.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230309-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-09T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce"
},
{
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230309-0001/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-27536",
"datePublished": "2022-04-20T00:00:00",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-08-03T05:32:58.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-44716 (GCVE-0-2021-44716)
Vulnerability from cvelistv5
Published
2022-01-01 00:00
Modified
2024-08-04 04:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0002/"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220121-0002/"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-44716",
"datePublished": "2022-01-01T00:00:00",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-08-04T04:32:12.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32938 (GCVE-0-2021-32938)
Vulnerability from cvelistv5
Published
2021-06-17 00:00
Modified
2024-08-03 23:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - OUT-OF-BOUNDS READ
Summary
Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Drawings SDK |
Version: All versions prior to 2022.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-980/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drawings SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2022.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "OUT-OF-BOUNDS READ CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-980/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32938",
"datePublished": "2021-06-17T00:00:00",
"dateReserved": "2021-05-13T00:00:00",
"dateUpdated": "2024-08-03T23:33:55.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-44717 (GCVE-0-2021-44717)
Vulnerability from cvelistv5
Published
2022-01-01 00:00
Modified
2024-08-04 04:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2891-1] golang-1.8 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html"
},
{
"name": "[debian-lts-announce] 20220121 [SECURITY] [DLA 2892-1] golang-1.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-44717",
"datePublished": "2022-01-01T00:00:00",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-08-04T04:32:12.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24675 (GCVE-0-2022-24675)
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 04:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:49.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "FEDORA-2022-a49babed75",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
},
{
"name": "FEDORA-2022-c0f780ecf1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
},
{
"name": "FEDORA-2022-e46e6e8317",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
},
{
"name": "FEDORA-2022-fae3ecee19",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
},
{
"name": "FEDORA-2022-ba365d3703",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"name": "FEDORA-2022-30c5ed5625",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce"
},
{
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "FEDORA-2022-a49babed75",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
},
{
"name": "FEDORA-2022-c0f780ecf1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
},
{
"name": "FEDORA-2022-e46e6e8317",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
},
{
"name": "FEDORA-2022-fae3ecee19",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
},
{
"name": "FEDORA-2022-ba365d3703",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"name": "FEDORA-2022-30c5ed5625",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-24675",
"datePublished": "2022-04-20T00:00:00",
"dateReserved": "2022-02-08T00:00:00",
"dateUpdated": "2024-08-03T04:20:49.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32948 (GCVE-0-2021-32948)
Vulnerability from cvelistv5
Published
2021-06-17 00:00
Modified
2024-08-03 23:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - OUT-OF-BOUNDS WRITE
Summary
An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Drawings SDK |
Version: All versions prior to 2022.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:56.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-984/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drawings SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2022.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "OUT-OF-BOUNDS WRITE CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-984/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32948",
"datePublished": "2021-06-17T00:00:00",
"dateReserved": "2021-05-13T00:00:00",
"dateUpdated": "2024-08-03T23:33:56.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24553 (GCVE-0-2023-24553)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:00:19.647847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:00:23.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:20.298Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24553",
"datePublished": "2023-02-14T10:36:30.258Z",
"dateReserved": "2023-01-26T14:06:35.399Z",
"dateUpdated": "2025-03-20T16:00:23.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1434 (GCVE-0-2022-1434)
Vulnerability from cvelistv5
Published
2022-05-03 15:15
Modified
2024-09-17 04:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect MAC key
Summary
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such that the modified data would still pass the MAC integrity check. Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 endpoint will always be rejected by the recipient and the connection will fail at that point. Many application protocols require data to be sent from the client to the server first. Therefore, in such a case, only an OpenSSL 3.0 server would be impacted when talking to a non-OpenSSL 3.0 client. If both endpoints are OpenSSL 3.0 then the attacker could modify data being sent in both directions. In this case both clients and servers could be affected, regardless of the application protocol. Note that in the absence of an attacker this bug means that an OpenSSL 3.0 endpoint communicating with a non-OpenSSL 3.0 endpoint will fail to complete the handshake when using this ciphersuite. The confidentiality of data is not impacted by this issue, i.e. an attacker cannot decrypt data that has been encrypted using this ciphersuite - they can only modify it. In order for this attack to work both endpoints must legitimately negotiate the RC4-MD5 ciphersuite. This ciphersuite is not compiled by default in OpenSSL 3.0, and is not available within the default provider or the default ciphersuite list. This ciphersuite will never be used if TLSv1.3 has been negotiated. In order for an OpenSSL 3.0 endpoint to use this ciphersuite the following must have occurred: 1) OpenSSL must have been compiled with the (non-default) compile time option enable-weak-ssl-ciphers 2) OpenSSL must have had the legacy provider explicitly loaded (either through application code or via configuration) 3) The ciphersuite must have been explicitly added to the ciphersuite list 4) The libssl security level must have been set to 0 (default is 1) 5) A version of SSL/TLS below TLSv1.3 must have been negotiated 6) Both endpoints must negotiate the RC4-MD5 ciphersuite in preference to any others that both endpoints have in common Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:06.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7d56a74a96828985db7354a55227a511615f732b"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tom Colley (Broadcom)"
}
],
"datePublic": "2022-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such that the modified data would still pass the MAC integrity check. Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 endpoint will always be rejected by the recipient and the connection will fail at that point. Many application protocols require data to be sent from the client to the server first. Therefore, in such a case, only an OpenSSL 3.0 server would be impacted when talking to a non-OpenSSL 3.0 client. If both endpoints are OpenSSL 3.0 then the attacker could modify data being sent in both directions. In this case both clients and servers could be affected, regardless of the application protocol. Note that in the absence of an attacker this bug means that an OpenSSL 3.0 endpoint communicating with a non-OpenSSL 3.0 endpoint will fail to complete the handshake when using this ciphersuite. The confidentiality of data is not impacted by this issue, i.e. an attacker cannot decrypt data that has been encrypted using this ciphersuite - they can only modify it. In order for this attack to work both endpoints must legitimately negotiate the RC4-MD5 ciphersuite. This ciphersuite is not compiled by default in OpenSSL 3.0, and is not available within the default provider or the default ciphersuite list. This ciphersuite will never be used if TLSv1.3 has been negotiated. In order for an OpenSSL 3.0 endpoint to use this ciphersuite the following must have occurred: 1) OpenSSL must have been compiled with the (non-default) compile time option enable-weak-ssl-ciphers 2) OpenSSL must have had the legacy provider explicitly loaded (either through application code or via configuration) 3) The ciphersuite must have been explicitly added to the ciphersuite list 4) The libssl security level must have been set to 0 (default is 1) 5) A version of SSL/TLS below TLSv1.3 must have been negotiated 6) Both endpoints must negotiate the RC4-MD5 ciphersuite in preference to any others that both endpoints have in common Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect MAC key",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7d56a74a96828985db7354a55227a511615f732b"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "Incorrect MAC key used in the RC4-MD5 ciphersuite"
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-1434",
"datePublished": "2022-05-03T15:15:23.387791Z",
"dateReserved": "2022-04-22T00:00:00",
"dateUpdated": "2024-09-17T04:19:38.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24561 (GCVE-0-2023-24561)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 19:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24561",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T19:49:49.439440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:49:55.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824: Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:28.643Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24561",
"datePublished": "2023-02-14T10:36:39.446Z",
"dateReserved": "2023-01-26T14:06:35.401Z",
"dateUpdated": "2025-03-20T19:49:55.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24980 (GCVE-0-2023-24980)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-19 19:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19790)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:23:48.663156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:23:56.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19790)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:37.881Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24980",
"datePublished": "2023-02-14T10:36:49.677Z",
"dateReserved": "2023-02-01T09:35:11.542Z",
"dateUpdated": "2025-03-19T19:23:56.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22354 (GCVE-0-2023-22354)
Vulnerability from cvelistv5
Published
2023-04-20 18:13
Modified
2025-01-16 21:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Datakit | CrossCAD/Ware_x64 library 0 |
Version: 0 < 2023.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:21:18.232730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:35:58.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CrossCAD/Ware_x64 library 0",
"vendor": "Datakit",
"versions": [
{
"lessThan": "2023.1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
}
],
"value": "\n\n\n\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \n\n \n\n \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T18:13:50.042Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nDatakit recommends user upgrade to v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-103-14",
"discovery": "EXTERNAL"
},
"title": "Datakit CrossCAD/Ware",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware\u003c/li\u003e\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\n\n * Do not open untrusted SLDPRT files with CrossCAD/Ware\n * Update CrossCAD/Ware to 2023.1 or a later version.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22354",
"datePublished": "2023-04-20T18:13:50.042Z",
"dateReserved": "2023-01-23T18:59:04.552Z",
"dateUpdated": "2025-01-16T21:35:58.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24551 (GCVE-0-2023-24551)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 16:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Solid Edge SE2022 |
Version: All versions < V222.0MP12 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24551",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T16:03:17.320688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T16:03:21.244Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:18.230Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24551",
"datePublished": "2023-02-14T10:36:28.028Z",
"dateReserved": "2023-01-26T14:06:35.399Z",
"dateUpdated": "2025-03-20T16:03:21.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43391 (GCVE-0-2021-43391)
Vulnerability from cvelistv5
Published
2021-11-14 00:00
Modified
2024-08-04 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid dash counter in line types) can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:55:28.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.opendesign.com/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1352/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1361/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid dash counter in line types) can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.opendesign.com/security-advisories"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1352/"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1361/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43391",
"datePublished": "2021-11-14T00:00:00",
"dateReserved": "2021-11-04T00:00:00",
"dateUpdated": "2024-08-04T03:55:28.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28327 (GCVE-0-2022-28327)
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 05:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:38.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "FEDORA-2022-a49babed75",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
},
{
"name": "FEDORA-2022-53f0c619c5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/"
},
{
"name": "FEDORA-2022-c0f780ecf1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
},
{
"name": "FEDORA-2022-e46e6e8317",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
},
{
"name": "FEDORA-2022-fae3ecee19",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
},
{
"name": "FEDORA-2022-ba365d3703",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"name": "FEDORA-2022-30c5ed5625",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce"
},
{
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "FEDORA-2022-a49babed75",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
},
{
"name": "FEDORA-2022-53f0c619c5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/"
},
{
"name": "FEDORA-2022-c0f780ecf1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
},
{
"name": "FEDORA-2022-e46e6e8317",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
},
{
"name": "FEDORA-2022-fae3ecee19",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
},
{
"name": "FEDORA-2022-ba365d3703",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"name": "FEDORA-2022-30c5ed5625",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28327",
"datePublished": "2022-04-20T00:00:00",
"dateReserved": "2022-04-01T00:00:00",
"dateUpdated": "2024-08-03T05:48:38.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1292 (GCVE-0-2022-1292)
Vulnerability from cvelistv5
Published
2022-05-03 15:15
Modified
2025-08-13 14:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Command injection
Summary
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-08-13T14:06:18.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://gitlab.com/fraf0/cve-2022-1292-re_score-analysis"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb"
},
{
"name": "[debian-lts-announce] 20220515 [SECURITY] [DLA 3008-1] openssl security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html"
},
{
"name": "DSA-5139",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5139"
},
{
"name": "FEDORA-2022-b651cb69e6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/"
},
{
"name": "FEDORA-2022-c9c02865f6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "GLSA-202210-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-02"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-1292",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:35.881727Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:42:51.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)"
},
{
"status": "affected",
"version": "Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n)"
},
{
"status": "affected",
"version": "Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Elison Niven (Sophos)"
}
],
"datePublic": "2022-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Moderate",
"value": "Moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"url": "https://www.openssl.org/news/secadv/20220503.txt"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb"
},
{
"name": "[debian-lts-announce] 20220515 [SECURITY] [DLA 3008-1] openssl security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html"
},
{
"name": "DSA-5139",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5139"
},
{
"name": "FEDORA-2022-b651cb69e6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/"
},
{
"name": "FEDORA-2022-c9c02865f6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220602-0009/"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "GLSA-202210-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-02"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf"
}
],
"title": "The c_rehash script allows command injection"
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-1292",
"datePublished": "2022-05-03T15:15:19.758Z",
"dateReserved": "2022-04-11T00:00:00.000Z",
"dateUpdated": "2025-08-13T14:06:18.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24995 (GCVE-0-2023-24995)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 18:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T18:57:12.301273Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T18:57:19.059Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:53.089Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24995",
"datePublished": "2023-02-14T10:37:06.480Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-19T18:57:19.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-47936 (GCVE-0-2022-47936)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 20:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT Open |
Version: All versions < V11.2.3.0 |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-47936",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T20:07:21.772715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T20:07:30.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT Open",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V11.2.3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "JT Utilities",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.1.150"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT Open (All versions \u003c V11.2.3.0), JT Utilities (All versions \u003c V13.2.3.0), Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Parasolid V35.1 (All versions \u003c V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T09:24:56.841Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-47936",
"datePublished": "2023-02-14T10:36:21.369Z",
"dateReserved": "2022-12-23T11:29:16.433Z",
"dateUpdated": "2025-03-20T20:07:30.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22670 (GCVE-0-2023-22670)
Vulnerability from cvelistv5
Published
2023-04-15 00:00
Modified
2025-05-05 16:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.opendesign.com/security-advisories"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:28:37.328547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:05:49.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-15T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.opendesign.com/security-advisories"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-22670",
"datePublished": "2023-04-15T00:00:00.000Z",
"dateReserved": "2023-01-06T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:05:49.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23579 (GCVE-0-2023-23579)
Vulnerability from cvelistv5
Published
2023-04-20 18:16
Modified
2025-01-16 21:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Datakit CrossCadWare_x64.dll contains an out-of-bounds write past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Datakit | CrossCAD/Ware_x64 library 0 |
Version: 0 < 2023.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:30:46.571636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:35:44.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CrossCAD/Ware_x64 library 0",
"vendor": "Datakit",
"versions": [
{
"lessThan": "2023.1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatakit CrossCadWare_x64.dll contains an out-of-bounds write past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This could allow an attacker to execute code in the context of the current process. \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
}
],
"value": "\n\n\n\n\n\n\n\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds write past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This could allow an attacker to execute code in the context of the current process. \n\n \n\n \n\n \n\n \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T18:16:47.878Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nDatakit recommends user upgrade to v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-103-14",
"discovery": "EXTERNAL"
},
"title": "Datakit CrossCAD/Ware",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware\u003c/li\u003e\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\n\n * Do not open untrusted SLDPRT files with CrossCAD/Ware\n * Update CrossCAD/Ware to 2023.1 or a later version.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-23579",
"datePublished": "2023-04-20T18:16:47.878Z",
"dateReserved": "2023-01-23T18:59:04.562Z",
"dateUpdated": "2025-01-16T21:35:44.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24985 (GCVE-0-2023-24985)
Vulnerability from cvelistv5
Published
2023-02-14 10:36
Modified
2025-03-20 18:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19807)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T18:14:45.734444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:14:53.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19807)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:43.090Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24985",
"datePublished": "2023-02-14T10:36:55.207Z",
"dateReserved": "2023-02-01T09:35:11.543Z",
"dateUpdated": "2025-03-20T18:14:53.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22321 (GCVE-0-2023-22321)
Vulnerability from cvelistv5
Published
2023-04-20 18:12
Modified
2025-01-16 21:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Datakit | CrossCAD/Ware_x64 library 0 |
Version: 0 < 2023.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22321",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:21:20.976360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:36:07.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CrossCAD/Ware_x64 library 0",
"vendor": "Datakit",
"versions": [
{
"lessThan": "2023.1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
}
],
"value": "\n\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \n\n \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T18:12:15.327Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "\nDatakit recommends user upgrade to v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n\n\n"
}
],
"source": {
"advisory": "ICSA-23-103-14",
"discovery": "EXTERNAL"
},
"title": "Datakit CrossCAD/Ware",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n\n\n\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \u003c/p\u003e\n\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware \u003c/li\u003e\n\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\n\n\n\n\n\n\n\nDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \n\n\n * Do not open untrusted SLDPRT files with CrossCAD/Ware \n\n * Update CrossCAD/Ware to 2023.1 or a later version.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22321",
"datePublished": "2023-04-20T18:12:15.327Z",
"dateReserved": "2023-01-23T18:59:04.538Z",
"dateUpdated": "2025-01-16T21:36:07.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-33907 (GCVE-0-2022-33907)
Vulnerability from cvelistv5
Published
2022-11-14 00:00
Modified
2025-04-30 18:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25 https://www.insyde.com/security-pledge/SA-2022049
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.insyde.com/security-pledge/SA-2022049"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-33907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T18:50:57.748008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T18:52:04.921Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel\u0027s iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25 https://www.insyde.com/security-pledge/SA-2022049"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge"
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022049"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-33907",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2025-04-30T18:52:04.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24991 (GCVE-0-2023-24991)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Tecnomatix Plant Simulation |
Version: All versions < V2201.0006 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T19:10:41.453018Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T19:10:49.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation (All versions \u003c V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:49.138Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-847261.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-24991",
"datePublished": "2023-02-14T10:37:02.099Z",
"dateReserved": "2023-02-01T09:35:11.544Z",
"dateUpdated": "2025-03-19T19:10:49.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25140 (GCVE-0-2023-25140)
Vulnerability from cvelistv5
Published
2023-02-14 10:37
Modified
2025-03-19 18:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150), Solid Edge SE2022 (All versions < V222.0MP12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V34.0 |
Version: All versions < V34.0.254 |
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:35.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-19T18:53:27.859268Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T18:53:35.636Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.254"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.1.150"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V34.0 (All versions \u003c V34.0.254), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Parasolid V35.1 (All versions \u003c V35.1.150), Solid Edge SE2022 (All versions \u003c V222.0MP12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:55.102Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-25140",
"datePublished": "2023-02-14T10:37:08.574Z",
"dateReserved": "2023-02-03T08:06:30.685Z",
"dateUpdated": "2025-03-19T18:53:35.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46348 (GCVE-0-2022-46348)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-21 13:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Parasolid V33.1 |
Version: All versions < V33.1.264 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:21:16.601521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:42:35.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Parasolid V33.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V33.1.264"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.0.252"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V34.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V34.1.242"
}
]
},
{
"defaultStatus": "unknown",
"product": "Parasolid V35.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V35.0.170"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0MP12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0Update2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions \u003c V33.1.264), Parasolid V34.0 (All versions \u003c V34.0.252), Parasolid V34.1 (All versions \u003c V34.1.242), Parasolid V35.0 (All versions \u003c V35.0.170), Solid Edge SE2022 (All versions \u003c V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions \u003c V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:31:13.727Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-46348",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-11-30T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:42:35.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…