漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in ModelSim (All versions < V2025.1), Questa (All versions < V2025.1). An example setup script contained in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch the script from a user-writable directory.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Siemens ModelSim和Siemens Questa 代码问题漏洞
Vulnerability Description
Siemens ModelSim和Siemens Questa都是德国西门子(Siemens)公司的一个模拟仿真软件。 Siemens ModelSim和Siemens Questa存在代码问题漏洞,该漏洞源于受影响应用程序中包含的示例安装脚本允许从当前工作目录加载特定的可执行文件。这可能允许经过身份验证的本地攻击者在安装中注入任意代码并提升权限,其中管理员或具有提升权限的进程从用户可写目录启动脚本。
CVSS Information
N/A
Vulnerability Type
N/A