CVE-2024-45476

Summary

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted WRL files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Affected Software

VendorProductVersion RangeStatus
SiemensTeamcenter Visualization V14.20 < V14.2.0.14affected
SiemensTeamcenter Visualization V14.30 < V14.3.0.12affected
SiemensTeamcenter Visualization V23120 < V2312.0008affected
SiemensTecnomatix Plant Simulation V23020 < V2302.0016affected
SiemensTecnomatix Plant Simulation V24040 < V2404.0005affected

Weaknesses

  • CWE-476: CWE-476: NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References