Tecnomatix Plant Simulation Vulnerability Leads to Denial of Service
CVE-2024-45476
3.3LOW
Key Information
- Vendor
- Siemens
- Status
- Tecnomatix Plant Simulation V2302
- Tecnomatix Plant Simulation V2404
- Vendor
- CVE Published:
- 8 October 2024
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted WRL files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Affected Version(s)
Tecnomatix Plant Simulation V2302 < 0
Tecnomatix Plant Simulation V2404 < 0
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database