CVE-2025-23396
published 2025-03-11CVE-2025-23396: A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009)…
high7.3CVSS 4.0
AVLACHATNPRNUIPVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.
This could allow an attacker to execute code in the context of the current process.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | teamcenter_visualization | >= 14.0.0 < 14.3.0.13 | 14.3.0.13 |
| siemens | teamcenter_visualization | >= 2312.0 < 2312.0009 | 2312.0009 |
| siemens | teamcenter_visualization | >= 2406.0 < 2406.0007 | 2406.0007 |
| siemens | teamcenter_visualization | >= 2412.0 < 2412.0002 | 2412.0002 |
| siemens | teamcenter_visualization_v14.3 | < V14.3.0.13 | V14.3.0.13 |
| siemens | teamcenter_visualization_v2312 | < V2312.0009 | V2312.0009 |
| siemens | teamcenter_visualization_v2406 | < V2406.0007 | V2406.0007 |
| siemens | teamcenter_visualization_v2412 | < V2412.0002 | V2412.0002 |
| siemens | tecnomatix_plant_simulation | >= 2302.0 < 2302.0021 | 2302.0021 |
| siemens | tecnomatix_plant_simulation | >= 2404.0 < 2404.0010 | 2404.0010 |
| siemens | tecnomatix_plant_simulation_v2302 | < V2302.0021 | V2302.0021 |
| siemens | tecnomatix_plant_simulation_v2404 | < V2404.0010 | V2404.0010 |