CVE-2021-27398

Summary

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13290)

Affected Software

VendorProductVersion RangeStatus
SiemensTecnomatix Plant SimulationAll versions < V16.0.5affected

Weaknesses

  • CWE-121: CWE-121: Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References