CVE-2023-38525

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.3HIGH

EPSS

0.1%

top 73.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Parasolid V34.1 Siemens Parasolid V35.0 Siemens Parasolid V35.1 +5 more

Timeline

PublishedAug 8

Description

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could al…

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages8 packages

▶NVDsiemens/teamcenter_visualization14.1 — 14.1.0.11+2

▶CVEListV5siemens/teamcenter_visualization_v14.1< V14.1.0.11

▶CVEListV5siemens/teamcenter_visualization_v14.2< V14.2.0.6

▶CVEListV5siemens/teamcenter_visualization_v14.3< V14.3.0.3

▶NVDsiemens/parasolid34.1 — 34.1.258+2

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-g6c5-286g-qh43: A vulnerability has been identified in Parasolid V34↗2023-08-08

▶

CVEList

CVE-2023-38525: A vulnerability has been identified in Parasolid V34↗2023-08-08

▶