CVE-2021-41538

Siemens Solid Edge Viewer OBJ File Parsing Uninitialized Pointer Information Disclosure Vulnerability

Severity Score

3.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770).

Se ha identificado una vulnerabilidad en NX 1953 Series (Todas las versiones anteriores a V1973.3700), NX 1980 Series (Todas las versiones anteriores a V1988), Solid Edge SE2021 (Todas las versiones anteriores a SE2021MP8). La aplicación afectada es vulnerable a la divulgación de información por el acceso inesperado a un puntero no inicializado mientras se analizan los archivos OBJ suministrados por el usuario. Un atacante podría aprovechar esta vulnerabilidad para filtrar información desde ubicaciones de memoria inesperadas (ZDI-CAN-13770)

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.

*Credits: xina1i

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-09-21 CVE Reserved
2021-09-28 CVE Published
2024-08-04 CVE Updated
2024-09-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-824: Access of Uninitialized Pointer

CAPEC

References (3)

URL	Tag	Source
https://www.zerodayinitiative.com/advisories/ZDI-21-1122	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf	2021-11-28
https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf	2021-11-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"	Nx 1984 Firmware Search vendor "Siemens" for product "Nx 1984 Firmware"	< 1984 Search vendor "Siemens" for product "Nx 1984 Firmware" and version " < 1984"	-	Affected	in	Siemens Search vendor "Siemens"	Nx 1984 Search vendor "Siemens" for product "Nx 1984"	-	-	Safe
Siemens Search vendor "Siemens"	Nx 1988 Firmware Search vendor "Siemens" for product "Nx 1988 Firmware"	< 1984 Search vendor "Siemens" for product "Nx 1988 Firmware" and version " < 1984"	-	Affected	in	Siemens Search vendor "Siemens"	Nx 1988 Search vendor "Siemens" for product "Nx 1988"	-	-	Safe
Siemens Search vendor "Siemens"	Nx 1957 Firmware Search vendor "Siemens" for product "Nx 1957 Firmware"	< 1973.3700 Search vendor "Siemens" for product "Nx 1957 Firmware" and version " < 1973.3700"	-	Affected	in	Siemens Search vendor "Siemens"	Nx 1957 Search vendor "Siemens" for product "Nx 1957"	-	-	Safe
Siemens Search vendor "Siemens"	Nx 1961 Firmware Search vendor "Siemens" for product "Nx 1961 Firmware"	< 1973.3700 Search vendor "Siemens" for product "Nx 1961 Firmware" and version " < 1973.3700"	-	Affected	in	Siemens Search vendor "Siemens"	Nx 1961 Search vendor "Siemens" for product "Nx 1961"	-	-	Safe
Siemens Search vendor "Siemens"	Nx 1965 Firmware Search vendor "Siemens" for product "Nx 1965 Firmware"	< 1973.3700 Search vendor "Siemens" for product "Nx 1965 Firmware" and version " < 1973.3700"	-	Affected	in	Siemens Search vendor "Siemens"	Nx 1965 Search vendor "Siemens" for product "Nx 1965"	-	-	Safe
Siemens Search vendor "Siemens"	Nx 1969 Firmware Search vendor "Siemens" for product "Nx 1969 Firmware"	< 1973.3700 Search vendor "Siemens" for product "Nx 1969 Firmware" and version " < 1973.3700"	-	Affected	in	Siemens Search vendor "Siemens"	Nx 1969 Search vendor "Siemens" for product "Nx 1969"	-	-	Safe
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				< se2021 Search vendor "Siemens" for product "Solid Edge" and version " < se2021"		-		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		-		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack1		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack2		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack3		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack4		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack5		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack6		Affected
Siemens Search vendor "Siemens"		Solid Edge Search vendor "Siemens" for product "Solid Edge"				se2021 Search vendor "Siemens" for product "Solid Edge" and version "se2021"		maintenance_pack7		Affected