CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-41033 – Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41033
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21266) Se ha identificado una vulnerabilidad en Parasolid V35.0 (todas las versiones < V35.0.260), Parasolid V35.1 (todas las versiones < V35.1.246), Parasolid V36.0 (todas las versiones < V36.0.156). La aplicación afectada contiene una escritura fuera de los límites más allá del final de una estructura asignada mientras analiza archivos X_T especialmente manipulados. • https://cert-portal.siemens.com/productcert/pdf/ssa-190839.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-887122.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-41032 – Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41032
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21263) Se ha identificado una vulnerabilidad en Parasolid V34.1 (todas las versiones < V34.1.258), Parasolid V35.0 (todas las versiones < V35.0.253), Parasolid V35.1 (todas las versiones < V35.1.184), Parasolid V36.0 (todas las versiones < V36.0.142). La aplicación afectada contiene una escritura fuera de los límites más allá del final de una estructura asignada mientras analiza archivos X_T especialmente manipulados. • https://cert-portal.siemens.com/productcert/pdf/ssa-190839.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-887122.pdf https://www.bentley.com/advisories/be-2023-0004 • CWE-787: Out-of-bounds Write •