CVE-2021-25678

🗓️ 22 Apr 2021 20:42:21Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 59 Views

Vulnerability in Solid Edge SE2020/SE2021, allowing code execution via PAR file parsin

Reporter	Title	Published	Views	Family All 9
CNNVD	Siemens Solid Edge 缓冲区错误漏洞	13 Apr 202100:00	–	cnnvd
CNVD	Siemens Solid Edge PAR File Out-of-Bounds Write Vulnerability	13 Apr 202100:00	–	cnvd
Cvelist	CVE-2021-25678	22 Apr 202120:42	–	cvelist
EUVD	EUVD-2021-12570	7 Oct 202500:30	–	euvd
ICS	Siemens Solid Edge File Parsing (Update A)	13 Apr 202100:00	–	ics
NVD	CVE-2021-25678	22 Apr 202121:15	–	nvd
Prion	Default credentials	22 Apr 202121:15	–	prion
RedhatCVE	CVE-2021-25678	22 May 202519:26	–	redhatcve
Zero Day Initiative	Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability	25 May 202100:00	–	zdi

NVD

Node

siemens solid_edge_se2020Range<se2020mp14

siemens solid_edge_se2021Range<se2021mp4

[
  {
    "product": "Solid Edge SE2020",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < SE2020MP13"
      }
    ]
  },
  {
    "product": "Solid Edge SE2020",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < SE2020MP14"
      }
    ]
  },
  {
    "product": "Solid Edge SE2021",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions < SE2021MP4"
      }
    ]
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-611/
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-574442.pdf

21 Nov 2024 05:55Current

7.7High risk

Vulners AI Score7.7

CVSS 26.8

CVSS 3.17.8

EPSS0.0038

CWE-787