CVE-2024-41981 — Heap-based Buffer Overflow in Siemens Simcenter Femap V2306

CWE-122 — Heap-based Buffer Overflow3 documents3 sources

Severity

7.3HIGHNVD

EPSS

0.0%

top 86.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simcenter Femap V2306 Siemens Simcenter Femap V2401 Siemens Simcenter Femap V2406

Timeline

PublishedOct 8

Description

A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

▶CVEListV5siemens/simcenter_femap_v2306< *

▶CVEListV5siemens/simcenter_femap_v2401< *

▶CVEListV5siemens/simcenter_femap_v2406< *

🔴Vulnerability Details

GHSA

GHSA-356q-8vgj-62xf: A vulnerability has been identified in Simcenter Nastran 2306 (All versions), Simcenter Nastran 2312 (All versions), Simcenter Nastran 2406 (All versi↗2024-10-08

▶

CVEList

CVE-2024-41981: A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions↗2024-10-08

▶