CVE-2023-37248
published 2023-07-11CVE-2023-37248: A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions <…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21155)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | tecnomatix | >= 2201 < 2201.0008 | 2201.0008 |
| siemens | tecnomatix | >= 2302 < 2302.0002 | 2302.0002 |
| siemens | tecnomatix_plant_simulation_v2201 | — | — |
| siemens | tecnomatix_plant_simulation_v2302 | — | — |