← voltar
CVE-2023-38524

CVE-2023-38524

CVSS 2 LOWEPSS 0.2%CWE-476
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Produtos afetados
Siemens · Parasolid V34.1Siemens · Parasolid V35.0Siemens · Parasolid V35.1Siemens · Teamcenter Visualization V14.1Siemens · Teamcenter Visualization V14.2Siemens · Teamcenter Visualization V14.3

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cert-portal.siemens.com/productcert/html/ssa-407785.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf