CVE-2024-33577

Published: May 14, 2024Modified: Oct 3, 2025

7.3

Vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: productcert@siemens.com (Secondary)

Description

A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current process.

Affected (2)

Products: Siemens: Simcenter Femap, Simcenter Nastran

2 products

Simcenter Femap

Simcenter Nastran

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Siemens Simcenter Femap	Before 2406.0000
Siemens Simcenter Nastran	From 2306.0 to 2406.90

Related CWEs

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References (4)

https://cert-portal.siemens.com/productcert/html/ssa-064222.html

Source: productcert@siemens.com

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-258494.html

Source: productcert@siemens.com

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-064222.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-258494.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.