Lucene search
Francis Provencher {PRL}ZDI-21-780HistoryJul 07, 2021 - 12:00 a.m.
Siemens Simcenter Femap modfem File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-07-0700:00:00
Francis Provencher {PRL}
www.zerodayinitiative.com
52
siemens
simcenter
femap
modfem
file parsing
out-of-bounds write
remote code execution
vulnerability
user interaction
malicious page
malicious file
data validation
allocated data structure
current process
EPSS
0.001
Percentile
34.0%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of modfem files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
ics
ics
Siemens Simcenter Femap
2021-06-08 12:00:00
cve
cve
CVE-2021-27399
2021-06-08 20:15:08
CVE-2021-27387
2021-06-08 20:15:08
cvelist
cvelist
CVE-2021-27399
2021-06-08 19:47:16
CVE-2021-27387
2021-06-08 19:47:16
nvd
nvd
CVE-2021-27387
2021-06-08 20:15:08
CVE-2021-27399
2021-06-08 20:15:08
prion
prion
Default credentials
2021-06-08 20:15:00
Default credentials
2021-06-08 20:15:00