CVE-2024-22043

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 88.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Siemens Parasolid V35.0Siemens Parasolid V35.1Siemens Parasolid
Timeline
PublishedFeb 13

Description

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted XT files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

NVDsiemens/parasolid35.035.0.251+1
CVEListV5siemens/parasolid_v35.0< V35.0.251
CVEListV5siemens/parasolid_v35.1< V35.1.170

🔴Vulnerability Details

2
GHSA
GHSA-mwg3-qwxc-phh9: A vulnerability has been identified in Parasolid V352024-02-13
CVEList
CVE-2024-22043: A vulnerability has been identified in Parasolid V352024-02-13
CVE-2024-22043 (MEDIUM CVSS 5.5) | A vulnerability has been identified | cvebase.io