CVE-2023-24565
First published: Tue Feb 14 2023(Updated: )
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428)
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Solid Edge Se2023 | <2210.0002.004 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-24565.
What is the affected software?
The affected software is Siemens Solid Edge SE2023, all versions prior to V223.0Update2.
What is the severity of CVE-2023-24565?
The severity of CVE-2023-24565 is medium with a CVSS score of 3.3.
How can I fix this vulnerability?
To fix this vulnerability, it is recommended to update Solid Edge SE2023 to version V223.0Update2 or later.
Where can I find more information about CVE-2023-24565?
You can find more information about CVE-2023-24565 at the following link: [Siemens ProductCERT](https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf).
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/siemens
- canonical/siemens solid edge se2023