IGS File Parsing Vulnerability Could Allow Code Execution
CVE-2024-32057

7.3HIGH

Key Information:

Vendor
Siemens
Status
Simcenter Femap
Vendor
CVE Published:
14 May 2024

Summary

A type confusion vulnerability exists in Simcenter Femap that impacts all versions prior to V2406. When the application processes IGS files, this vulnerability may enable an attacker to execute arbitrary code within the context of the current process. This security flaw underscores the need for vigilance in software updates and risk management for users relying on Simcenter Femap.

Affected Version(s)

Simcenter Femap 0

References

https://cert-portal.siemens.com/productcert/html/ssa-9763...
https://cert-portal.siemens.com/productcert/html/ssa-0642...

CVSS V4

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-32057 : IGS File Parsing Vulnerability Could Allow Code Execution | SecurityVulnerability.io