CVE-2023-27402
First published: Tue Mar 14 2023(Updated: )
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20334)
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Tecnomatix Plant Simulation | <2201.0006 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-27402?
The severity of CVE-2023-27402 is high, with a severity value of 7.8.
Which software versions are affected by CVE-2023-27402?
All versions of Siemens Tecnomatix Plant Simulation prior to V2201.0006 are affected by CVE-2023-27402.
What is the vulnerability in Tecnomatix Plant Simulation?
The vulnerability in Tecnomatix Plant Simulation is related to an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files.
Is there a fix available for CVE-2023-27402?
To fix CVE-2023-27402, upgrade to version V2201.0006 or a later version of Siemens Tecnomatix Plant Simulation.
Where can I find more information about CVE-2023-27402?
You can find more information about CVE-2023-27402 in the Siemens Product CERT security advisory SSA-847261.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/weakness
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/siemens
- canonical/siemens tecnomatix plant simulation