CVE-2023-1997

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 28, 2023
Updated: Aug 31, 2023
CWE ID 78

Summary

CVE-2023-1997 is a critical OS Command Injection vulnerability affecting SIMULIA 3DOrchestrate from releases 3DEXPERIENCE R2021x to R2023x. Maliciously crafted HTTP requests can exploit this vulnerability to execute arbitrary operating system commands, potentially allowing unauthorized access, data theft, or system damage. Users are urged to apply the available patch or upgrade to a secure version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share