N/A

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

跨界内存读

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation是德国西门子（Siemens）公司的一个工控设备。利用离散事件仿真的强大功能进行生产量分析和优化，进而改善制造系统性能。 Siemens Tecnomatix Plant Simulation V2302版本至V2302.0016之前版本和V2404版本至V2404.0005之前版本存在缓冲区错误漏洞，该漏洞源于允许越界读取内存。攻击者利用该漏洞可以在当前进程中执行任意代码。

N/A

N/A