CVE-2023-38532

Published: Aug 8, 2023Modified: Nov 21, 2024

4.8

Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: productcert@siemens.com (Secondary)

Description

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition.

Affected (6)

Products: Siemens: Parasolid, Teamcenter Visualization

Siemens

2 products

Parasolid

Teamcenter Visualization

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Siemens Parasolid	From 34.1 to 34.1.258
Siemens Parasolid	From 35.0 to 35.0.254
Siemens Parasolid	From 35.1 to 35.1.171
Siemens Teamcenter Visualization	From 14.1 to 14.1.0.11
Siemens Teamcenter Visualization	From 14.2 to 14.2.0.6
Siemens Teamcenter Visualization	From 14.3 to 14.3.0.3