CVE-2024-54095

CWE-1913 documents3 sources

Severity

7.3HIGH

EPSS

0.1%

top 72.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Solid Edge Se2024

Timeline

PublishedDec 10

Description

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5siemens/solid_edge_se2024< V224.0 Update 10

▶NVDsiemens/solid_edge_se2024< 224.0+1

🔴Vulnerability Details

GHSA

GHSA-f5vq-gp8f-87xv: A vulnerability has been identified in Solid Edge SE2024 (All versions < V224↗2024-12-10

▶

CVEList

CVE-2024-54095: A vulnerability has been identified in Solid Edge SE2024 (All versions < V224↗2024-12-10

▶