Siemens PS/IGES Parasolid Translator Component

🗓️ 14 May 2024 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics

ics🔗 www.cisa.gov👁 27 Views

Siemens PS/IGES Parasolid Translator Component vulnerabilities and update information.

Reporter	Title	Published	Views	Family All 82
BDU FSTEC	The vulnerability of the file conversion tools between different formats (PS/IGES Parasolid Translator) is related to errors in data type mixing. This allows a malicious actor to execute arbitrary code.	24 May 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator, arises from the possibility of the operation exceeding the buffer boundaries in memory. This vulnerability allows an attacker to execute arbitrary code.	24 May 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator, arises from the possibility of the operation exceeding the buffer boundaries in memory. This vulnerability allows an attacker to execute arbitrary code.	27 May 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator, arises from the possibility of the operation exceeding the buffer boundaries in memory. This vulnerability allows an attacker to execute arbitrary code.	27 May 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator, arises from the possibility of the operation exceeding the buffer boundaries in memory. This vulnerability allows an attacker to execute arbitrary code.	27 May 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator, arises from buffer overflows. This allows attackers to execute arbitrary code.	27 May 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the pre-processing processor Simcenter Femap and the file conversion tool set between different formats (PS/IGES Parasolid Translator) lies in the reading of data beyond the buffer boundary in memory. This allows an attacker to execute arbitrary code.	23 Jul 202400:00	–	bdu_fstec
CNNVD	Siemens Parasolid 缓冲区错误漏洞	14 May 202400:00	–	cnnvd
CNNVD	Siemens Parasolid 安全漏洞	14 May 202400:00	–	cnnvd
CNNVD	Siemens Parasolid 缓冲区错误漏洞	14 May 202400:00	–	cnnvd

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-976324.json
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-976324.html
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-976324.pdf
cert-portal	www.cert-portal.siemens.com/productcert/txt/ssa-976324.txt
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-137-08.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-137-08
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf

14 May 2024 00:00Current

8.3High risk

Vulners AI Score8.3

CVSS 47.3

CVSS 3.17.8

EPSS0.00166

SSVC

cisa ics security advisories siemens product vulnerabilities ps/iges parasolid out-of-bounds read type confusion memory buffer