Heap-Based Buffer Overflow Vulnerability Affects Solid Edge SE2024
CVE-2024-54093

7.8HIGH

Key Information:

Vendor: Siemens
Status: Solid Edge Se2024
Vendor: CVE Published:; 10 December 2024

Summary

A heap-based buffer overflow vulnerability exists in Solid Edge SE2024 which affects all versions prior to V224.0 Update 5. This flaw is triggered while processing specially crafted ASM files, which can lead to potential code execution in the context of the current process. Attackers who exploit this vulnerability could take control of the affected system, posing significant risks to users and organizations utilizing this software. Immediate updates and security measures are recommended to mitigate the threat.

Affected Version(s)

Solid Edge SE2024 0

References

https://cert-portal.siemens.com/productcert/html/ssa-7301...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 10, 2024
Vulnerability Reserved
Nov 28, 2024