CVE-2023-41032

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 69.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Parasolid Siemens Simcenter Femap Siemens Parasolid V34.1 +5 more

Timeline

PublishedSep 12

Latest updateSep 14

Description

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

▶CVEListV5siemens/simcenter_femap_v2301All versions < V2301.0003

▶CVEListV5siemens/simcenter_femap_v2306All versions < V2306.0001

▶NVDsiemens/parasolid34.1 — 34.1.258+3

▶NVDsiemens/simcenter_femap2301.0 — 2301.0003+1

▶CVEListV5siemens/parasolid_v34.1All versions < V34.1.258

🔴Vulnerability Details

GHSA

GHSA-h54p-v85c-f69r: A vulnerability has been identified in Parasolid V34↗2023-09-14

▶

CVEList

CVE-2023-41032: A vulnerability has been identified in Parasolid V34↗2023-09-12

▶