Siemens Solid Edge Out-of-Bounds Reading Vulnerability (CNVD-2023-09118)

Siemens Solid Edge is a 3D CAD software from Siemens (Germany). The software can be used in industries such as part design, assembly design, sheet metal design, welding design, etc. An out-of-bounds read vulnerability exists in Siemens Solid Edge due to the Datakit CrossCadWare_x64.dll used in the affected product parsing specially crafted SLDPRT files that contain out-of-bounds beyond the end of the allocated buffer read. An attacker could exploit this vulnerability to disclose sensitive information.