- Description
- A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
- Source
- productcert@siemens.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- productcert@siemens.com
- CWE-191
- Hype score
- Not currently trending
SSA-730188 is the last contribution of the year that includes three CVEs (CVE-2024-54093, CVE-2024-54094, CVE-2024-54095). This year I reported dozens of memory corruption vulnerability to Siemens. Looking forward to contribute more next year 🤘 https://t.co/gNVmmiYw12
@zeifan
11 Dec 2024
288 Impressions
1 Retweet
11 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-54095 Integer Underflow Vulnerability in Solid Edge SE2024 Allowing Code Execution A vulnerability exists in Solid Edge SE2024, in all versions before V224.0 Update 10. This application has an integer un... https://t.co/jG1pojIob8
@VulmonFeeds
10 Dec 2024
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes