Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in ModelSim (All versions < V2025.1), Questa (All versions < V2025.1). An example setup script contained in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch the script from a user-writable directory.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Siemens ModelSim和Siemens Questa 代码问题漏洞
Vulnerability Description
Siemens ModelSim和Siemens Questa都是德国西门子(Siemens)公司的一个模拟仿真软件。 Siemens ModelSim和Siemens Questa存在代码问题漏洞,该漏洞源于受影响应用程序中包含的示例安装脚本允许从当前工作目录加载特定的可执行文件。这可能允许经过身份验证的本地攻击者在安装中注入任意代码并提升权限,其中管理员或具有提升权限的进程从用户可写目录启动脚本。
CVSS Information
N/A
Vulnerability Type
N/A