CVE-2023-49130

2024-01-0910:15:19

CWE-824

[email protected]

web.nvd.nist.gov

vulnerability

solid edge se2023

par files

code execution

uninitialized pointer access

security

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.1%

JSON

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Affected configurations

Nvd

Node

siemenssolid_edge_se2023Range<223.0

siemenssolid_edge_se2023Match223.0-

siemenssolid_edge_se2023Match223.0update_0001

siemenssolid_edge_se2023Match223.0update_0002

siemenssolid_edge_se2023Match223.0update_0003

siemenssolid_edge_se2023Match223.0update_0004

siemenssolid_edge_se2023Match223.0update_0005

siemenssolid_edge_se2023Match223.0update_0006

siemenssolid_edge_se2023Match223.0update_0007

siemenssolid_edge_se2023Match223.0update_0008

siemenssolid_edge_se2023Match223.0update_0009

VendorProductVersionCPE
siemenssolid_edge_se2023*cpe:2.3:a:siemens:solid_edge_se2023:*:*:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:-:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0001:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0002:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0003:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0004:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0005:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0006:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0007:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0008:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	solid_edge_se2023	*	cpe:2.3:a:siemens:solid_edge_se2023::::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:-::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0001::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0002::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0003::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0004::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0005::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0006::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0007::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0008::::::