CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25175 – Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-25175
13 Mar 2025 — A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002). The affected application contains a memory corruption vulnerability while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-25443) Se ha identificado una vulnerabilidad en Simcenter Femap V2401 (todas las versiones anteriores a V2401.0003) y Simcenter Femap V2406 (todas las versiones anter... • https://cert-portal.siemens.com/productcert/html/ssa-920092.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47046
https://notcve.org/view.php?id=CVE-2024-47046
08 Oct 2024 — A vulnerability has been identified in Simcenter Nastran 2306 (All versions), Simcenter Nastran 2312 (All versions), Simcenter Nastran 2406 (All versions < V2406.5000). The affected application is vulnerable to memory corruption while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). The... • https://cert-portal.siemens.com/productcert/html/ssa-852501.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-41981
https://notcve.org/view.php?id=CVE-2024-41981
08 Oct 2024 — A vulnerability has been identified in Simcenter Nastran 2306 (All versions), Simcenter Nastran 2312 (All versions), Simcenter Nastran 2406 (All versions < V2406.5000). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versi... • https://cert-portal.siemens.com/productcert/html/ssa-852501.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33654
https://notcve.org/view.php?id=CVE-2024-33654
09 Jul 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process. Se ha identificado una vulnerabilidad en Simcenter Femap (Todas las versiones < V2406). Las aplicaciones afectadas contienen una lectura fuera de los límites más allá del final de una estructura asignada mien... • https://cert-portal.siemens.com/productcert/html/ssa-064222.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33653
https://notcve.org/view.php?id=CVE-2024-33653
09 Jul 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process. Se ha identificado una vulnerabilidad en Simcenter Femap (Todas las versiones < V2406). Las aplicaciones afectadas contienen una lectura fuera de los límites más allá del final de una estructura asignada mien... • https://cert-portal.siemens.com/productcert/html/ssa-064222.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32056
https://notcve.org/view.php?id=CVE-2024-32056
09 Jul 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted IGS part file. This could allow an attacker to execute code in the context of the current process. Se ha identificado una vulnerabilidad en Simcenter Femap (Todas las versiones < V2406). La aplicación afectada contiene una escritura fuera de los límites más allá del final de un búfer asignado mientras ... • https://cert-portal.siemens.com/productcert/html/ssa-064222.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33577
https://notcve.org/view.php?id=CVE-2024-33577
14 May 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current process. Se ha identificado una vulnerabilidad en Simcenter Nastran 2306 (Todas las versiones), Simcenter Nastran 2312 (Todas las versiones), Simcenter Nastran 2406 (Todas las versiones < V2406.90). Las aplica... • https://cert-portal.siemens.com/productcert/html/ssa-064222.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27907 – Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-27907
12 Mar 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22051) Se ha identificado una vulnerabilidad en Simcenter Femap (Todas las versiones < V2306.0000). La aplicación afectada contiene una escritura fuera de los límites más allá del final d... • https://cert-portal.siemens.com/productcert/html/ssa-000072.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24925 – Siemens Simcenter Femap MODEL File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-24925
13 Feb 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060) Se ha identificado una vulnerabilidad en Simcenter Femap (Todas las versiones < V2306.0000). La aplicación afectada es vulnerable al acceso al puntero no inicializado mientras analiza ar... • https://cert-portal.siemens.com/productcert/html/ssa-000072.html • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24924 – Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-24924
13 Feb 2024 — A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22059) Se ha identificado una vulnerabilidad en Simcenter Femap (Todas las versiones < V2306.0000). La aplicación afectada contiene una escritura fuera de los límites más allá del final d... • https://cert-portal.siemens.com/productcert/html/ssa-000072.html • CWE-787: Out-of-bounds Write •