CVE-2023-38528 — Out-of-bounds Write in Siemens Parasolid V34.1

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

7.3HIGHNVD

EPSS

0.1%

top 77.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Parasolid V34.1 Siemens Parasolid V35.0 Siemens Parasolid V35.1 +5 more

Timeline

PublishedAug 8

Description

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing …

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages8 packages

▶NVDsiemens/teamcenter_visualization14.1 — 14.1.0.11+2

▶CVEListV5siemens/teamcenter_visualization_v14.1< V14.1.0.11

▶CVEListV5siemens/teamcenter_visualization_v14.2< V14.2.0.6

▶CVEListV5siemens/teamcenter_visualization_v14.3< V14.3.0.3

▶NVDsiemens/parasolid34.1 — 34.1.258+2

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-8chw-p7f8-q8g6: A vulnerability has been identified in Parasolid V34↗2023-08-08

▶

CVEList

CVE-2023-38528: A vulnerability has been identified in Parasolid V34↗2023-08-08

▶