CVE-2022-28661

2022-04-1209:08:09

CWE-125

siemens

www.cve.org

simcenter femap

vulnerability

executing code

.neu files

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

55.2%

JSON

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15114)

CNA Affected

[
  {
    "product": "Simcenter Femap",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2022.1.2"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-998762.pdf