A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198), Solid Edge SE2023 (All versions < V223.0 Update 11), Solid Edge SE2024 (All versions < V224.0 Update 3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted files containing XT format. This could allow an attacker to execute code in the context of the current process.
History

Fri, 18 Oct 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Siemens
Siemens parasolid
Siemens solid Edge Se2023
Siemens solid Edge Se2024
CPEs cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0001:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0002:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0003:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0004:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0005:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0006:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0007:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0008:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0009:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0010:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2024:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0001:*:*:*:*:*:*
cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_0002:*:*:*:*:*:*
Vendors & Products Siemens
Siemens parasolid
Siemens solid Edge Se2023
Siemens solid Edge Se2024

cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2024-02-13T08:59:57.813Z

Updated: 2024-08-02T21:46:29.325Z

Reserved: 2023-11-22T14:43:13.524Z

Link: CVE-2023-49125

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-02-13T09:15:46.173

Modified: 2024-11-21T08:32:53.063

Link: CVE-2023-49125

cve-icon Redhat

No data.