DLL Hijacking Vulnerability Affects Solid Edge SE2024
CVE-2024-47942

7.3HIGH

Key Information:

Vendor: Siemens
Status: Solid Edge Se2024
Vendor: CVE Published:; 12 November 2024

Summary

Solid Edge SE2024 has been found susceptible to a DLL hijacking vulnerability that affects all versions prior to V224.0 Update 9. This flaw permits an attacker to place a maliciously crafted DLL file in specific locations on the target system, which could lead to the execution of arbitrary code. The exploit of this vulnerability may result in unauthorized access and manipulation of system resources, potentially compromising the integrity and confidentiality of sensitive data.

Affected Version(s)

Solid Edge SE2024 0

References

https://cert-portal.siemens.com/productcert/html/ssa-3511...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024
Vulnerability Reserved
Oct 7, 2024