Vulnerability in Tecnomatix Plant Simulation Could Allow Execution of Code
CVE-2024-45465
7.8HIGH
Key Information:
- Vendor
- Siemens
- Status
- Vendor
- CVE Published:
- 8 October 2024
Summary
A significant vulnerability exists in multiple versions of Teamcenter Visualization and Tecnomatix Plant Simulation by Siemens. This issue arises from an out of bounds read that occurs when the applications parse specially crafted WRL files. Exploitation of this vulnerability may allow an attacker to execute arbitrary code within the context of the current process, potentially compromising the integrity and confidentiality of the affected system.
Affected Version(s)
Teamcenter Visualization V14.2 0
Teamcenter Visualization V14.3 0
Teamcenter Visualization V2312 0
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved