CVE-2024-23795
published 2024-02-13CVE-2024-23795: A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions <…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | tecnomatix_plant_simulation | < 2201.0012 | 2201.0012 |
| siemens | tecnomatix_plant_simulation | >= 2302.0 < 2302.0006 | 2302.0006 |
| siemens | tecnomatix_plant_simulation_v2201 | < V2201.0012 | V2201.0012 |
| siemens | tecnomatix_plant_simulation_v2302 | < V2302.0006 | V2302.0006 |