CVE-2024-54091
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 12), Solid Edge SE2025 (All versions < V225.0 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing X_T data or a specially crafted file in X_T format. This could allow an attacker to execute code in the context of the current process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | Solid Edge SE2024 | 0 < V224.0 Update 12 | affected |
| Siemens | Solid Edge SE2025 | 0 < V225.0 Update 3 | affected |
Weaknesses
- CWE-787: CWE-787: Out-of-bounds Write
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://cert-portal.siemens.com/productcert/html/ssa-979056.html
- https://cert-portal.siemens.com/productcert/html/ssa-672923.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.