Femap Vulnerability: Out-of-Bounds Write in Catia MODEL File Parsing
CVE-2024-24924

7.8HIGH

Key Information:

Vendor: Siemens
Status: Simcenter Femap
Vendor: CVE Published:; 13 February 2024

Summary

A security vulnerability exists in Simcenter Femap across all versions prior to V2306.0000, which can lead to an out of bounds write. This vulnerability is triggered when the application processes specially crafted Catia MODEL files, resulting in the potential execution of arbitrary code within the context of the current process. This situation poses significant risks as it may allow an attacker to manipulate the application in unexpected ways, underscoring the importance of applying appropriate patches and updates.

Affected Version(s)

Simcenter Femap 0

References

https://cert-portal.siemens.com/productcert/html/ssa-0000...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2024
Vulnerability Reserved
Feb 1, 2024