First published: Tue Aug 08 2023(Updated: )
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process.
Credit: productcert@siemens.com productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens Solid Edge | =se2023 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-39419.
The severity of CVE-2023-39419 is high with a severity value of 7.8.
All versions of Solid Edge SE2023 that are less than V223.0 Update 7 are affected.
This vulnerability could allow an attacker to execute code in the context of the current user.
Yes, Siemens has released an update (V223.0 Update 7) that addresses the vulnerability.