NX Parsing Vulnerability Could Lead to Code Execution

CVE-2024-41908

7.8HIGH

Key Information

Vendor: Siemens
Status: Nx
Vendor: CVE Published:; 13 August 2024

Summary

A vulnerability has been identified in NX (All versions < V2406.3000). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.

Affected Version(s)

NX < 0

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 13, 2024
Vulnerability Reserved.
Jul 23, 2024

Collectors

NVD DatabaseMitre Database