CVE-2022-46346
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071)
| CWE | CWE-787 |
| Vendor | siemens |
| Product | parasolid v33.1 |
| Ecosystems | |
| Industries | IndustrialManufacturing |
| Published | Dec 13, 2022 |
| Last Updated | Aug 3, 2024 |
Stay Ahead of the Next One
Get instant alerts for siemens parasolid v33.1
Be the first to know when new high vulnerabilities affecting siemens parasolid v33.1 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Siemens / Parasolid V33.1
All versions < V33.1.264
Siemens / Parasolid V34.0
All versions < V34.0.252
Siemens / Parasolid V34.1
All versions < V34.1.242
Siemens / Parasolid V35.0
All versions < V35.0.170
Siemens / Solid Edge SE2022
All versions < V222.0MP12
Siemens / Solid Edge SE2022
All versions
Siemens / Solid Edge SE2023
All versions < V223.0Update2