CVE-2024-41170

Summary

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (All versions < V2404.0004). The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Affected Software

VendorProductVersion RangeStatus
SiemensTecnomatix Plant Simulation V23020 < V2302.0015affected
SiemensTecnomatix Plant Simulation V24040 < V2404.0004affected

Weaknesses

  • CWE-121: CWE-121: Stack-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References