CVE-2023-24565Out-of-bounds Read in Siemens Solid Edge Se2023

CWE-125Out-of-bounds Read3 documents3 sources
Severity
5.5MEDIUMNVD
CNA3.3
EPSS
0.1%
top 80.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Siemens Solid Edge Se2023Siemens Solid Edge Se2022
Timeline
PublishedFeb 14

Description

A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5siemens/solid_edge_se2022All versions, All versions < V222.0MP12+1
NVDsiemens/solid_edge_se2023< 2210.0002.004
CVEListV5siemens/solid_edge_se2023All versions < V223.0Update2

🔴Vulnerability Details

2
GHSA
GHSA-5p6m-pfpj-j72p: A vulnerability has been identified in Solid Edge SE2022 (All versions < V2210Update12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All vers2023-02-14
CVEList
CVE-2023-24565: A vulnerability has been identified in Solid Edge SE2022 (All versions < V2222023-02-14
CVE-2023-24565 — Out-of-bounds Read in Siemens | cvebase