- Description
- A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.
- Source
- productcert@siemens.com
- NVD status
- Analyzed
- Products
- simcenter_femap, simcenter_nastran
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- productcert@siemens.com
- CWE-125
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DE036D-8721-4DDF-9459-5735606CF324",
"versionEndExcluding": "2512.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simcenter_nastran:*:*:*:*:*:*:*:*",
"matchCriteriaId": "308A9F5D-48A7-4AEA-B2C9-BAFF947244DB",
"versionEndExcluding": "2512.0000",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]