CVE-2024-54091
published 2024-12-10CVE-2024-54091: A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 12), Solid Edge SE2025 (All versions < V225.0 Update 3). The affected…
high7.3CVSS 4.0
AVLACHATNPRNUIPVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 12), Solid Edge SE2025 (All versions < V225.0 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing X_T data or a specially crafted file in X_T format.
This could allow an attacker to execute code in the context of the current process.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | parasolid | >= 36.1 < 36.1.225 | 36.1.225 |
| siemens | parasolid | >= 37.0 < 37.0.173 | 37.0.173 |
| siemens | solid_edge_se2024 | < V224.0 Update 12 | V224.0 Update 12 |
| siemens | solid_edge_se2024 | — | — |
| siemens | solid_edge_se2025 | < V225.0 Update 3 | V225.0 Update 3 |
| siemens | solid_edge_se2025 | — | — |