CVE-2023-24559
Published Feb 14, 2023
Last updated 2 years ago
Overview
- Description
- A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
- Source
- productcert@siemens.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- productcert@siemens.com
- CWE-125
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C855788-002F-41E5-BC01-8597E66EDE1C",
"versionEndExcluding": "2210.0002.004"
}
],
"operator": "OR"
}
]
}
]