CVE-2024-52565

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 18, 2024
Updated: Dec 10, 2024
CWE ID 787

Summary

CVE-2024-52565 is a recently disclosed vulnerability affecting Teamcenter Visualization V14.2, V14.3, V2312, V2406, Tecnomatix Plant Simulation V2302, and V2404. These applications contain an out-of-bounds write vulnerability when processing a maliciously crafted WRL file. An attacker exploiting this weakness could write unintended data beyond the intended boundaries, potentially leading to code execution in the context of the current process. (ZDI-CAN-24231) This issue represents a significant risk, as it allows for potential unauthorized code execution if a WRL file is opened within the affected applications. Users are strongly advised to install the recommended patches or updates as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share