Stack-Based Overflow Vulnerability in Teamcenter and Tecnomatix Products by Siemens
CVE-2024-52572
7.8HIGH
Key Information:
- Vendor
- Siemens
- Status
- Vendor
- CVE Published:
- 18 November 2024
Summary
A significant vulnerability has been discovered in Siemens' Teamcenter Visualization and Tecnomatix Plant Simulation products, specifically affecting various versions that have not been updated. This vulnerability involves a stack-based overflow that can occur during the parsing of specially crafted WRL files. As a result, it presents a risk allowing an attacker to execute arbitrary code within the context of the affected applications. Mitigation strategies should be employed immediately by updating to the specified non-vulnerable versions to safeguard against potential exploits.
Affected Version(s)
Teamcenter Visualization V14.2 0
Teamcenter Visualization V14.3 0
Teamcenter Visualization V2312 0
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published