Siemens Simcenter Femap vulnerabilities

CVE-2024-32055 [HIGH] CWE-125 CVE-2024-32055: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process.

CVE-2024-32059 [HIGH] CWE-125 CVE-2024-32059: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21564)

CVE-2024-32057 [HIGH] CWE-843 CVE-2024-32057: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21562)

CVE-2024-32058 [HIGH] CWE-119 CVE-2024-32058: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21563)

CVE-2024-32063 [HIGH] CWE-843 CVE-2024-32063: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21573)

CVE-2024-32065 [HIGH] CWE-125 CVE-2024-32065: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21577)

CVE-2024-32060 [HIGH] CWE-125 CVE-2024-32060: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21565)

CVE-2024-32061 [HIGH] CWE-125 CVE-2024-32061: A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applicat A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21566)

CVE-2024-27907 [HIGH] CWE-787 CVE-2024-27907: A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected app A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22051)

CVE-2024-24924 [HIGH] CWE-787 CVE-2024-24924: A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected app A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22059)

CVE-2024-24921 [HIGH] CWE-119 CVE-2024-24921: A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected app A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21712)

CVE-2024-24923 [HIGH] CWE-125 CVE-2024-24923: A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap (All versions < V2306.0001). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current proc

CVE-2024-24925 [HIGH] CWE-824 CVE-2024-24925: A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected app A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060)

CVE-2024-24920 [HIGH] CWE-787 CVE-2024-24920: A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected app A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21710)

CVE-2024-24922 [HIGH] CWE-787 CVE-2024-24922: A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected app A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21715)

CVE-2023-41033 [HIGH] CWE-787 CVE-2023-41033: A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 ( A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allo

CVE-2023-41032 [HIGH] CWE-787 CVE-2023-41032: A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 ( A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an

CVE-2022-39157 [HIGH] CWE-125 CVE-2022-39157: A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.0 ( A vulnerability has been identified in Parasolid V34.0 (All versions = V34.0.252 = V34.1.242 = V35.0.170 < V35.0.184), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the co

CVE-2022-43397 [HIGH] CWE-787 CVE-2022-43397: A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 ( A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Simcenter Femap (All versions < V2023.1). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This

CVE-2022-41851 [HIGH] CWE-824 CVE-2022-41851: A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to exe