CVE-2023-43625: Code Injection
First published: Tue Oct 10 2023(Updated: )
A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.
Credit: productcert@siemens.com productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Simcenter Amesim | <2021.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of the identified vulnerability in Simcenter Amesim?
The vulnerability ID is CVE-2023-43625.
What is the severity rating of CVE-2023-43625?
The severity rating of CVE-2023-43625 is critical with a value of 9.8.
Which version of Simcenter Amesim is affected by CVE-2023-43625?
All versions of Simcenter Amesim prior to V2021.1 are affected by CVE-2023-43625.
What is the impact of CVE-2023-43625?
CVE-2023-43625 allows an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.
How can I fix CVE-2023-43625?
To fix CVE-2023-43625, it is recommended to update Simcenter Amesim to version V2021.1 or later.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/siemens
- canonical/siemens simcenter amesim