CVE-2023-39181

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 10, 2023

CWE ID 787

Summary

CVE-2023-39181 is a newly discovered vulnerability affecting all versions of Solid Edge SE2023 prior to V223.0 Update 7. This issue stems from an out-of-bounds write flaw in the application's PAR file parsing functionality. When processing a specially crafted PAR file, Solid Edge inadvertently writes data beyond the allocated buffer. The consequences of this vulnerability are significant, as an attacker can leverage it to execute arbitrary code within the context of the current process.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens Solid Edge

Affected Vendors

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sHPBTv
https://www.cve.org/CVERecord?id=CVE-2023-39181
https://nvd.nist.gov/vuln/detail/CVE-2023-39181

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

Know What Matters

For Customers

For Partners