CVE-2021-46699

Опубликовано: 22 фев. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15061)

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf
Mitigation
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-509/
Third Party Advisory
VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf
Mitigation
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-509/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*

Версия до 2022.1.1 (исключая)

EPSS

Процентиль: 75%

0.0088

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-121

CWE-787

Связанные уязвимости

GHSA-hpm5-64qh-4562

CVSS3: 7.8

github

почти 4 года назад

BDU:2022-03021

CVSS3: 8.8

fstec