Siemens Simcenter Nastran vulnerable to memory corruption

CVE-2024-47046

7.8HIGH

Key Information

Vendor: Siemens
Status: Simcenter Nastran 2306; Simcenter Nastran 2312; Simcenter Nastran 2406
Vendor: CVE Published:; 8 October 2024

Summary

A vulnerability has been identified in Simcenter Nastran 2306 (All versions), Simcenter Nastran 2312 (All versions), Simcenter Nastran 2406 (All versions < V2406.5000). The affected application is vulnerable to memory corruption while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process.

Affected Version(s)

Simcenter Nastran 2306 < 0

Simcenter Nastran 2312 < 0

Simcenter Nastran 2406 < 0

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 8, 2024
Vulnerability Reserved.
Sep 17, 2024

Collectors

NVD DatabaseMitre Database