CVE-2023-24555
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
Se ha identificado una vulnerabilidad en Solid Edge SE2022 (Todas las versiones < V222.0MP12), Solid Edge SE2023 (Todas las versiones < V223.0Update2). Las aplicaciones afectadas contienen una lectura fuera de los límites más allá del final de una estructura asignada mientras analizan archivos PAR especialmente manipulados. Esto podría permitir a un atacante ejecutar código en el contexto del proceso actual.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-01-26 CVE Reserved
- 2023-02-14 CVE Published
- 2024-08-02 CVE Updated
- 2024-09-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf | 2024-02-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | - | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_1 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_1" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_2 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_2" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_3 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_3" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_4 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_4" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_5 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_5" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_7 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_7" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_8 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_8" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_9 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_9" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_10 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_10" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2022 Search vendor "Siemens" for product "Solid Edge Se2022" | maintenance_pack_11 Search vendor "Siemens" for product "Solid Edge Se2022" and version "maintenance_pack_11" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Solid Edge Se2023 Search vendor "Siemens" for product "Solid Edge Se2023" | < 2210.0002.004 Search vendor "Siemens" for product "Solid Edge Se2023" and version " < 2210.0002.004" | - |
Affected
| ||||||