Out of Bounds Write Vulnerability in Siemens Teamcenter Visualization and Tecnomatix
CVE-2024-52569

7.8HIGH

Key Information:

Vendor: Siemens
Status: Teamcenter Visualization V14.2; Teamcenter Visualization V14.3; Teamcenter Visualization V2312; Teamcenter Visualization V2406
Vendor: CVE Published:; 18 November 2024

Summary

A vulnerability present in Siemens' Teamcenter Visualization and Tecnomatix Plant Simulation products involves an out of bounds write that can occur when processing specially crafted WRL files. This flaw may enable an attacker to execute arbitrary code within the context of the affected process, potentially leading to unauthorized actions and system compromise. The vulnerability affects multiple versions of Teamcenter Visualization and Tecnomatix Plant Simulation, underscoring the importance of applying security patches and updates to mitigate the risks associated with this issue. Organizations using these products should review their versioning and implement necessary safeguards to protect against potential exploits.

Affected Version(s)

Teamcenter Visualization V14.2 0

Teamcenter Visualization V14.3 0

Teamcenter Visualization V2312 0

References

https://cert-portal.siemens.com/productcert/html/ssa-8245...

https://cert-portal.siemens.com/productcert/html/ssa-6451...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 18, 2024