CVE-2023-49123

2024-01-0910:15:17

CWE-122

CWE-787

[email protected]

web.nvd.nist.gov

solid edge se2023

buffer overflow

heap-based

par files

code execution

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.1%

JSON

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Affected configurations

Nvd

Node

siemenssolid_edge_se2023Range<223.0

siemenssolid_edge_se2023Match223.0-

siemenssolid_edge_se2023Match223.0update_0001

siemenssolid_edge_se2023Match223.0update_0002

siemenssolid_edge_se2023Match223.0update_0003

siemenssolid_edge_se2023Match223.0update_0004

siemenssolid_edge_se2023Match223.0update_0005

siemenssolid_edge_se2023Match223.0update_0006

siemenssolid_edge_se2023Match223.0update_0007

siemenssolid_edge_se2023Match223.0update_0008

siemenssolid_edge_se2023Match223.0update_0009

VendorProductVersionCPE
siemenssolid_edge_se2023*cpe:2.3:a:siemens:solid_edge_se2023:*:*:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:-:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0001:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0002:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0003:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0004:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0005:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0006:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0007:*:*:*:*:*:*
siemenssolid_edge_se2023223.0cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0008:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	solid_edge_se2023	*	cpe:2.3:a:siemens:solid_edge_se2023::::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:-::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0001::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0002::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0003::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0004::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0005::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0006::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0007::::::
siemens	solid_edge_se2023	223.0	cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0008::::::