Out of Bounds Read Vulnerability in Simcenter Femap by Siemens
CVE-2024-33654

7.8HIGH

Key Information:

Vendor: Siemens
Status: Simcenter Femap
Vendor: CVE Published:; 9 July 2024

Summary

A vulnerability identified in Simcenter Femap affects all versions prior to V2406, allowing an out of bounds read beyond the end of an allocated structure when processing specially crafted BMP files. This flaw could enable an attacker to potentially execute arbitrary code within the context of the current process, posing risks to the integrity and confidentiality of data managed by the application. Users of Simcenter Femap are advised to update to the latest version to mitigate this risk.

References

https://cert-portal.siemens.com/productcert/html/ssa-0642...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024