Lucene search

[email protected]NVD:CVE-2023-24565

HistoryFeb 14, 2023 - 11:15 a.m.

CVE-2023-24565

2023-02-1411:15:16

CWE-125

[email protected]

web.nvd.nist.gov

solid edge

vulnerability

stl file

sensitive information

out of bounds read

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

15.9%

JSON

A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)

Affected configurations

Nvd

Node

siemenssolid_edge_se2023Range<2210.0002.004

VendorProductVersionCPE
siemenssolid_edge_se2023*cpe:2.3:a:siemens:solid_edge_se2023:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	solid_edge_se2023	*	cpe:2.3:a:siemens:solid_edge_se2023::::::::

References

cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

15.9%

JSON

Related for NVD:CVE-2023-24565

prion1 cnvd1 cve1 zdi1 cvelist1 ics1