CVE-2024-52574: CVE-2024-52574

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-52574

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24543)

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

跨界内存读

Source: NVD (National Vulnerability Database)

Vulnerability Title

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Siemens Tecnomatix Plant Simulation是德国西门子（Siemens）公司的一个工控设备。利用离散事件仿真的强大功能进行生产量分析和优化，进而改善制造系统性能。 Siemens Tecnomatix Plant Simulation V2302版本至V2302.0018之前版本和V2404版本至V2404.0007之前版本存在缓冲区错误漏洞，该漏洞源于在解析特制的 WRL 文件时包含越界读取漏洞。攻击者利用该漏洞在当前进程中执行代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Siemens	Teamcenter Visualization V14.2	0 ~ V14.2.0.14	-
Siemens	Teamcenter Visualization V14.3	0 ~ V14.3.0.12	-
Siemens	Teamcenter Visualization V2312	0 ~ V2312.0008	-
Siemens	Teamcenter Visualization V2406	0 ~ V2406.0005	-
Siemens	Tecnomatix Plant Simulation V2302	0 ~ V2302.0018	-
Siemens	Tecnomatix Plant Simulation V2404	0 ~ V2404.0007	-

II. Public POCs for CVE-2024-52574

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-52574

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: Teamcenter Visualization V14.2

Same vendor: Siemens

Same weakness: CWE-125

V. Comments for CVE-2024-52574

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2024-52574

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-52574

III. Intelligence Information for CVE-2024-52574

IV. Related Vulnerabilities

V. Comments for CVE-2024-52574

Leave a comment