Siemens Parasolid Out-of-Bounds Read Vulnerability (CNVD-2024-17299)

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds read vulnerability exists in Siemens Parasolid, which can be exploited by an attack to execute code in the...

The vulnerability of Parasolid’s 3D geometric modeling tool, related to the swapping of the zero pointer, allows a hacker to trigger a service failure.

The vulnerability of Parasolid’s 3D geometric modeling tool is related to the manipulation of the zero pointer. Exploiting this vulnerability can allow attackers to trigger a service failure using specially created XT files...

Siemens Parasolid Null Pointer Dereference Vulnerability

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. A null pointer dereference vulnerability exists in Siemens Parasolid, which can be exploited by an attack to crash the applicati...

Siemens Parasolid 安全漏洞

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. A stack exhaustion vulnerability exists in Siemens Parasolid, which can be exploited to cause a denial of service...

Siemens Parasolid 代码问题漏洞

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. A null pointer dereference vulnerability exists in Siemens Parasolid, which can be exploited by an attack to crash the applicati...

Siemens Parasolid Null Pointer Dereference Vulnerability

Parasolid is a 3D geometry modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/table modeling. Siemens Parasolid null pointer dereference vulnerability can be exploited by an attacker to crash an application, resulting in a denial of...

PT-2024-1965 · Siemens · Simcenter Femap

Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions prior to V2306.0000 Description: A vulnerability has been identified in Simcenter Femap, where the application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. This coul...

Siemens Spectrum Power 7 Critical Resource Privilege Assignment Error Vulnerability

Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. Siemens Spectrum Power 7 suffers from a misassigned...

The vulnerability of software for internal threat modeling in the AXIS Security Development Model of the operating system AXIS OS, due to deficiencies in access control, allows attackers to circumvent existing security restrictions.

The software vulnerability for internal threat modeling is a flaw in Axis Security’s operating system development model. Exploiting this vulnerability allows a remote attacker to bypass existing security restrictions...

What Is The Cyber Kill Chain? Process & Model

Grasping the Fundamentals: A Study of the Cyber Harm Ladder Navigating the multifaceted universe of cybersecurity is similar to solving an evolving labyrinth. This world is awash with intricate principles and techniques; with the Cyber Harm Ladder gaining increasing focus in recent times. But, wh...

The vulnerability of the Xenon Ashlar-Vellum software for 3D modeling lies in its uncontrolled search element, which allows a hacker to execute arbitrary code.

The vulnerability of the Xenon Ashlar-Vellum software for 3D modeling is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a hacker to execute arbitrary code...

The vulnerability of Siemens OPC UA Modeling Editor (SiOME) relates to incorrect restrictions on XML references to external objects, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Siemens OPC UA Modeling Editor SiOME is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

CVE-2023-5553

CVE-2023-5553 affects Axis OS Secure Boot protection. The AXIS OS tampering-protection bypass is the underlying issue, enabling a sophisticated attack to bypass the device’s tamper protection. Public detail indicates affected AXIS OS ranges include versions 10.8–11.6 (per external summaries), wit...

Siemens OPC UA Modeling Editor (SiOME) XML External Entity Injection Vulnerability

Siemens OPC UA Modeling Editor SiOME is a free tool to create OPC UA information models or map existing companion specifications. An XML external entity injection vulnerability exists in Siemens OPC UA Modeling Editor SiOME, which can be exploited by an attacker to interfere with the application'...

Siemens OPC UA Modelling Editor 安全漏洞

Siemens OPC UA Modeling Editor SiOME is a free tool to create OPC UA information models or map existing companion specifications. An XML external entity injection vulnerability exists in Siemens OPC UA Modeling Editor SiOME, which can be exploited by an attacker to interfere with the application'...

Siemens OPC UA Modeling Editor (SiOME)

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Maximizing the value of threat modeling

Explore four practices that maximize the value of threat models throughout the entire development lifecycle...

The vulnerability of SpaceClaim’s 3D modeling software allows a hacker to execute arbitrary code.

The vulnerability of the SpaceClaim 3D modeling software lies in the handling of buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the software platform for system modeling and multi-domain system analysis in Simcenter Amesim, related to incorrect code generation, allows a perpetrator to execute arbitrary code.

The vulnerability of the software platform for system modeling and analysis of multi-domain systems in Simcenter Amesim is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the import function for BPMN files in the Business Process Modeling module of SAP PowerDesigner allows a attacker to trigger a service failure.

The vulnerability of the BPMN-file import function in the Business Process Modeling module of the SAP PowerDesigner software relates to the lack of authenticity verification for XML documents. Exploiting this vulnerability could allow an attacker to cause service failures...