Lucene search
IcscertCVELIST:CVE-2023-0973HistoryMar 13, 2023 - 5:06 p.m.
CVE-2023-0973 Step Tools Third-Party
2023-03-1317:06:05
CWE-476
icscert
www.cve.org
3
cve-2023-0973
step tools
third-party
ifcmesh library
null pointer dereference
application crash
CVSS3
2.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
20.5%
STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a null pointer dereference, which could allow an attacker to deny application usage when reading a specially constructed file, resulting in an application crash.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "v18SP1 ifcmesh library",
"vendor": "Step Tools",
"versions": [
{
"status": "affected",
"version": "v18.1"
}
]
}
]Related
prion
prion
Null pointer dereference
2023-03-13 18:15:00
zdi
zdi
ics
ics
Step Tools Third-Party
2023-03-09 12:00:00
Siemens Solid Edge
2023-05-11 12:00:00
cve
cve
CVE-2023-0973
2023-03-13 18:15:12
nvd
nvd
CVE-2023-0973
2023-03-13 18:15:12
CVSS3
2.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
20.5%
Related for CVELIST:CVE-2023-0973