CVE-2023-45601
published 2023-10-10CVE-2023-45601: A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions <…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290)
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | parasolid | >= 35.0 < 35.0.262 | 35.0.262 |
| siemens | parasolid | >= 35.1 < 35.1.250 | 35.1.250 |
| siemens | parasolid | >= 36.0 < 36.0.169 | 36.0.169 |
| siemens | parasolid_v35.0 | — | — |
| siemens | parasolid_v35.1 | — | — |
| siemens | parasolid_v36.0 | — | — |
| siemens | tecnomatix | >= 2201 < 2201.0009 | 2201.0009 |
| siemens | tecnomatix | >= 2302 < 2302.0003 | 2302.0003 |
| siemens | tecnomatix_plant_simulation_v2201 | — | — |
| siemens | tecnomatix_plant_simulation_v2302 | — | — |