EUVD-2024-38959

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Tecnomatix Plant Simulation allows code execution through stack overflow in SPP files

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the SPP analyzer in the software environment of the simulation model for systems and processes in Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.	11 Sep 202400:00	–	bdu_fstec
Circl	CVE-2024-41170	10 Sep 202413:23	–	circl
CNNVD	Siemens Tecnomatix Plant Simulation 安全漏洞	10 Sep 202400:00	–	cnnvd
CNVD	Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2024-38014)	12 Sep 202400:00	–	cnvd
CVE	CVE-2024-41170	10 Sep 202409:36	–	cve
Cvelist	CVE-2024-41170	10 Sep 202409:36	–	cvelist
ICS	Siemens Tecnomatix Plant Simulation	10 Sep 202400:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	10 Sep 202418:20	–	ncsc
NVD	CVE-2024-41170	10 Sep 202410:15	–	nvd
RedhatCVE	CVE-2024-41170	9 Jan 202608:34	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "8045e803-a1b7-3490-b9a8-db14646125e3",
        "vendor": {
          "name": "Siemens"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "99a02694-b6fa-3796-8a8f-639f77f0d8b1",
        "product": {
          "name": "Tecnomatix Plant Simulation V2302"
        },
        "product_version": "0 <V2302.0015"
      },
      {
        "id": "e7394162-c7e4-35f0-a70a-c2533095f6f8",
        "product": {
          "name": "Tecnomatix Plant Simulation V2404"
        },
        "product_version": "0 <V2404.0004"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-427715.html

03 Oct 2025 20:07Current

7.6High risk

Vulners AI Score7.6

CVSS 3.17.8

CVSS 47.3

EPSS0.00091

SSVC