var-202109-1791
Vulnerability from variot
A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770). This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "affected_products": { "_id": null, "data": [ { "_id": null, "model": "nx 1969", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1973.3700" }, { "_id": null, "model": "nx 1984", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1984" }, { "_id": null, "model": "nx 1961", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1973.3700" }, { "_id": null, "model": "nx 1965", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1973.3700" }, { "_id": null, "model": "solid edge", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "se2021" }, { "_id": null, "model": "solid edge", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "se2021" }, { "_id": null, "model": "nx 1988", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1984" }, { "_id": null, "model": "nx 1957", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1973.3700" }, { "_id": null, "model": "solid edge viewer", "scope": null, "trust": 0.7, "vendor": "siemens", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "NVD", "id": "CVE-2021-41538" } ] }, "configurations": { "_id": null, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "se2021", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1984_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1984", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:nx_1984:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1984_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1984", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:h:siemens:nx_1984:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1988_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1984", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:nx_1988:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1988_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1984", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:h:siemens:nx_1988:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1957_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:nx_1957:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1957_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:h:siemens:nx_1957:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1961_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:nx_1961:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1961_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:h:siemens:nx_1961:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1965_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:nx_1965:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1965_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:h:siemens:nx_1965:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1969_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:nx_1969:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nx_1969_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1973.3700", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:h:siemens:nx_1969:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-41538" } ] }, "credits": { "_id": null, "data": "xina1i", "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "CNNVD", "id": "CNNVD-202109-1835" } ], "trust": 1.3 }, "cve": "CVE-2021-41538", "cvss": { "_id": null, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2021-41538", "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 1.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitabilityScore": 1.8, "id": "CVE-2021-41538", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitabilityScore": 1.8, "id": "CVE-2021-41538", "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-41538", "trust": 1.0, "value": "LOW" }, { "author": "ZDI", "id": "CVE-2021-41538", "trust": 0.7, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202109-1835", "trust": 0.6, "value": "LOW" }, { "author": "VULMON", "id": "CVE-2021-41538", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "VULMON", "id": "CVE-2021-41538" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1835" }, { "db": "NVD", "id": "CVE-2021-41538" } ] }, "description": { "_id": null, "data": "A vulnerability has been identified in NX 1953 Series (All versions \u003c V1973.3700), NX 1980 Series (All versions \u003c V1988), Solid Edge SE2021 (All versions \u003c SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770). This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", "sources": [ { "db": "NVD", "id": "CVE-2021-41538" }, { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULMON", "id": "CVE-2021-41538" } ], "trust": 2.16 }, "external_ids": { "_id": null, "data": [ { "db": "NVD", "id": "CVE-2021-41538", "trust": 2.4 }, { "db": "ZDI", "id": "ZDI-21-1122", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-728618", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-328042", "trust": 1.6 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-13770", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021092905", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021111007", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.3454", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.3874", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-315-08", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-287-06", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202109-1835", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-41538", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "VULMON", "id": "CVE-2021-41538" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1835" }, { "db": "NVD", "id": "CVE-2021-41538" } ] }, "id": "VAR-202109-1791", "iot": { "_id": null, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.19128205 }, "last_update_date": "2022-05-05T07:03:08.343000Z", "patch": { "_id": null, "data": [ { "title": "", "trust": 0.7, "url": "https://www.siemens.com/cert/advisories/https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf" }, { "title": "Siemens Solid Edge Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=165208" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=3b85ee03e935aff52e55e7402b3926a1" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "VULMON", "id": "CVE-2021-41538" }, { "db": "CNNVD", "id": "CNNVD-202109-1835" } ] }, "problemtype_data": { "_id": null, "data": [ { "problemtype": "CWE-824", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2021-41538" } ] }, "references": { "_id": null, "data": [ { "trust": 2.4, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-1122/" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf" }, { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf" }, { "trust": 0.7, "url": "https://www.siemens.com/cert/advisories/https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-287-06" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3874" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3454" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-41538" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021092905" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-08" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021111007" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/824.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" }, { "db": "VULMON", "id": "CVE-2021-41538" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202109-1835" }, { "db": "NVD", "id": "CVE-2021-41538" } ] }, "sources": { "_id": null, "data": [ { "db": "ZDI", "id": "ZDI-21-1122", "ident": null }, { "db": "VULMON", "id": "CVE-2021-41538", "ident": null }, { "db": "CNNVD", "id": "CNNVD-202104-975", "ident": null }, { "db": "CNNVD", "id": "CNNVD-202109-1835", "ident": null }, { "db": "NVD", "id": "CVE-2021-41538", "ident": null } ] }, "sources_release_date": { "_id": null, "data": [ { "date": "2021-09-30T00:00:00", "db": "ZDI", "id": "ZDI-21-1122", "ident": null }, { "date": "2021-09-28T00:00:00", "db": "VULMON", "id": "CVE-2021-41538", "ident": null }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975", "ident": null }, { "date": "2021-09-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202109-1835", "ident": null }, { "date": "2021-09-28T12:15:00", "db": "NVD", "id": "CVE-2021-41538", "ident": null } ] }, "sources_update_date": { "_id": null, "data": [ { "date": "2021-09-30T00:00:00", "db": "ZDI", "id": "ZDI-21-1122", "ident": null }, { "date": "2021-10-01T00:00:00", "db": "VULMON", "id": "CVE-2021-41538", "ident": null }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975", "ident": null }, { "date": "2021-11-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202109-1835", "ident": null }, { "date": "2021-11-28T23:29:00", "db": "NVD", "id": "CVE-2021-41538", "ident": null } ] }, "threat_type": { "_id": null, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202109-1835" } ], "trust": 0.6 }, "title": { "_id": null, "data": "Siemens Solid Edge Viewer OBJ File Parsing Uninitialized Pointer Information Disclosure Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-21-1122" } ], "trust": 0.7 }, "type": { "_id": null, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-975" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.