Siemens Tecnomatix Plant Simulation vulnerabilities

CVE-2023-24992 [HIGH] CWE-787 CVE-2023-24992: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814)

CVE-2023-24989 [HIGH] CWE-787 CVE-2023-24989: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811)

CVE-2023-24982 [HIGH] CWE-787 CVE-2023-24982: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804)

CVE-2023-24995 [HIGH] CWE-787 CVE-2023-24995: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817)

CVE-2021-27397 [HIGH] CWE-119 CVE-2021-27397: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The Pla A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN

CVE-2021-27398 [HIGH] CVE-2021-27398: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The Pla A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacker could leverage this vulnerability to execute code in the c

CVE-2021-27396 [HIGH] CWE-121 CVE-2021-27396: A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The Pla A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27398. An attacker could leverage this vulnerability to execute code