CVE-2024-32058Improper Restriction of Operations within the Bounds of a Memory Buffer in Siemens Simcenter Femap

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.3HIGHNVD
EPSS
0.1%
top 68.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Siemens Simcenter FemapSiemens PS Iges Parasolid Translator
Timeline
PublishedMay 14

Description

A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21563)

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

CVEListV5siemens/simcenter_femap< V2406
NVDsiemens/simcenter_femap< 2406.0000

🔴Vulnerability Details

2
CVEList
CVE-2024-32058: A vulnerability has been identified in Simcenter Femap (All versions < V2406)2024-05-14
GHSA
GHSA-rvv4-g4fx-3p69: A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V272024-05-14
CVE-2024-32058 — Siemens Simcenter Femap vulnerability | cvebase