CVE-2021-37180

Summary

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)

Affected Software

VendorProductVersion RangeStatus
SiemensSolid Edge SE2021All Versions < SE2021MP7affected

Weaknesses

  • CWE-824: CWE-824: Access of Uninitialized Pointer

ADP Enrichment

CVE Program Container

Additional References

References