Specially Crafted WRL File Vulnerability Affects Tecnomatix Plant Simulation

CVE-2024-45470
7.8HIGH

Key Information

Vendor
Siemens
Status
Tecnomatix Plant Simulation V2302
Tecnomatix Plant Simulation V2404
Vendor
CVE Published:
8 October 2024

Summary

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.

Affected Version(s)

Tecnomatix Plant Simulation V2302 < 0

Tecnomatix Plant Simulation V2404 < 0

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.