N/A

A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12529)

N/A

跨界内存写

Siemens Solid Edge 缓冲区错误漏洞

Siemens Solid Edge是德国Siemens公司的一款三维CAD软件。该软件可用于零件设计、装配设计、钣金设计、焊接设计等行业。 Siemens Solid Edge存在缓冲区错误漏洞，该漏洞源于程序在分析PAR文件时缺少对用户提供的数据的正确验证，远程攻击者可以用该漏洞在程序上执行任意代码。以下产品或版本受到影响：Solid Edge SE2020MP13、Solid Edge SE2021MP4。

N/A

N/A