CVE-2024-24921: Buffer Overflow
First published: Tue Feb 13 2024(Updated: )
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21712)
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Simcenter Femap | <2401.0000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-24921?
CVE-2024-24921 is considered a critical vulnerability due to the potential for memory corruption and code execution.
How do I fix CVE-2024-24921?
To mitigate CVE-2024-24921, upgrade to Siemens Simcenter Femap version 2401.0000 or later.
Which versions of Simcenter Femap are affected by CVE-2024-24921?
All versions of Simcenter Femap prior to 2401.0000 are affected by CVE-2024-24921.
What type of attack is possible due to CVE-2024-24921?
CVE-2024-24921 could allow an attacker to execute arbitrary code in the context of the current process.
What file type triggers the vulnerability in CVE-2024-24921?
CVE-2024-24921 is triggered by specially crafted Catia MODEL files.
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/type
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/tags
- agent/source
- vendor/siemens
- canonical/siemens simcenter femap