cbcvebase.
CVE-2022-24290
published 2022-05-20

CVE-2022-24290: A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All…

PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.19%
64.0th percentile
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash.

Affected

12 ranges
VendorProductVersion rangeFixed in
siemensteamcenter
siemensteamcenter>= 12.4 < 12.4.0.1312.4.0.13
siemensteamcenter>= 13.0 < 13.0.0.913.0.0.9
siemensteamcenter>= 13.1 < 13.1.0.913.1.0.9
siemensteamcenter>= 13.2 < 13.2.0.813.2.0.8
siemensteamcenter>= 13.3 < 13.3.0.313.3.0.3
siemensteamcenter_v12.4
siemensteamcenter_v13.0
siemensteamcenter_v13.1
siemensteamcenter_v13.2
siemensteamcenter_v13.3
siemensteamcenter_v14.0

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.