Solid Edge Vulnerability: Out of Bounds Read Could Lead to Code Execution
CVE-2024-33493

7.8HIGH

Key Information:

Vendor: Siemens
Status: Solid Edge
Vendor: CVE Published:; 14 May 2024

Summary

A vulnerability has been identified in Solid Edge affecting all versions prior to V224.0 Update 5. The flaw allows for an out of bounds read, which occurs when specially crafted PAR files are parsed. This could potentially enable an attacker to execute arbitrary code within the context of the running process, posing significant security risks to users who have not updated to the specified version.

Affected Version(s)

Solid Edge 0

References

https://cert-portal.siemens.com/productcert/html/ssa-5899...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
Apr 23, 2024