CVE-2023-30985
First published: Tue May 09 2023(Updated: )
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426)
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Solid Edge Se2023 | ||
| Siemens Solid Edge Se2023 | =update_0001 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-30985.
What is the severity of CVE-2023-30985?
The severity of CVE-2023-30985 is medium with a CVSS score of 5.5.
Which software versions are affected by CVE-2023-30985?
Solid Edge SE2023 versions below V223.0 Update 3 and V223.0 Update 2 are affected.
What is the impact of CVE-2023-30985?
CVE-2023-30985 allows an attacker to cause an out of bounds read past the end of an allocated buffer, potentially leading to information disclosure or denial of service.
How can I fix CVE-2023-30985?
Apply V223.0 Update 3 for Solid Edge SE2023 to remediate CVE-2023-30985.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/siemens
- canonical/siemens solid edge se2023
- version/siemens solid edge se2023/update_0001