N/A

A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the current process.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

内存缓冲区边界内操作的限制不恰当

Siemens Solid Edge 缓冲区错误漏洞

Siemens Solid Edge是德国西门子（Siemens）公司的一款三维CAD软件。该软件可用于零件设计、装配设计、钣金设计、焊接设计等行业。 Siemens Solid Edge V2023 MP1之前的版本存在缓冲区错误漏洞，该漏洞源于其DOCMGMT.DLL组件发生内存损坏导致在解析PAR、ASM、DFT等不同文件格式的文件时可能允许攻击者在当前进程的上下文中执行代码。

N/A

N/A