CVE-2024-32064 — Out-of-bounds Read in Siemens Simcenter Femap

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.3HIGHNVD

EPSS

0.2%

top 62.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simcenter Femap Siemens PS Iges Parasolid Translator

Timeline

PublishedMay 14

Description

A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21575)

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

▶CVEListV5siemens/simcenter_femap< V2406

▶NVDsiemens/simcenter_femap< 2406.0000

▶NVDsiemens/ps_iges_parasolid_translator< 27.1.215

🔴Vulnerability Details

CVEList

CVE-2024-32064: A vulnerability has been identified in Simcenter Femap (All versions < V2406)↗2024-05-14

▶

GHSA

GHSA-vmpr-4398-v88v: A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V27↗2024-05-14

▶