CVE-2023-38073

CVE-2023-38073 affects Siemens JT2Go and Teamcenter Visualization (various versions listed) and Tecnomatix Plant Simulation per the provided records. The vulnerability is a type confusion error encountered while parsing WRL files, which could allow an attacker to execute code in the context of th...

CVE-2023-38072

Siemens CVE-2023-38072 affects JT2Go and Teamcenter Visualization (and related Tecnomatix Plant Simulation) with an out-of-bounds write past the end of an allocated structure while parsing specially crafted WRL files. Affected versions include JT2Go < 14.3.0.1 and Teamcenter Visualization <...

CVE-2023-38072

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

CVE-2023-38071

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

CVE-2023-38071

CVE-2023-38071 affects Siemens JT2Go and Teamcenter Visualization (and Tecnomatix Plant Simulation) with a heap-based buffer overflow while parsing specially crafted WRL files, enabling code execution in the context of the current process. Affected products/versions include JT2Go < 14.3.0.1; T...

CVE-2023-38071

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

CVE-2023-38070

Summary: CVE-2023-38070 affects Siemens JT2Go and related Teamcenter Visualization/Tecnomatix components. A stack-based buffer overflow occurs when parsing specially crafted WRL files, allowing code execution in the current process context. Affected products/versions include JT2Go < 14.3.0.1, ...

PT-2023-5157 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

PT-2023-5158 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prior to...

Siemans WIBU Systems CodeMeter

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

PT-2023-5163 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

PT-2023-5160 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

Siemens QMS Automotive 安全漏洞

Siemens QMS Automotive is a quality management system for the automotive industry from Siemens, Germany. Siemens QMS Automotive has an information disclosure hole that can be exploited by an attacker to perform a memory dump, gain access to credentials, and use them in a simulation...

PT-2023-5161 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

Hive Pro Recognized in 2023 Gartner® Hype Cycle™ for Security Operations & Market Guide™ for Vulnerability Assessment

HERNDON, Va., Sept. 7, 2023 - Hive Pro®, a pioneer vendor of Threat Exposure Management is now featured in two prominent Gartner publications that spotlight industry leaders and innovators: The Market Guide™ for Vulnerability Assessment 2023 and The Hype Cycle for Security Operations 2023. As cyb...

Price Manipulation Through Vulnerability in simulateRange Function

Lines of code Vulnerability details Impact The simulateRange function, although designed for simulation and testing purposes, could potentially be exploited in a sandwich attack scenario. A malicious actor could front-run a user's transaction by using a flash loan to manipulate the price,...

Rounding in the unwrap function in rUSDY may cause fund loss for users.

Lines of code Vulnerability details Impact Rouding with BPSDENOMINATOR in function unwrap in rUSDY.sol may cause users to be transfered back less than expected USDY. POC The rUSDY.sol contract provides a way to wrap an amount of USDY as shares in order to gain profit in rUSDY. This is done throug...

scenery.flightgear.org Cross Site Scripting vulnerability OBB-3594761

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Schneider Electric EcoStruxure Operator Terminal Expert VXDZ File Parsing Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Operator Terminal Expert. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-85374)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. The power of discrete-event simulation is used to analyze and optimize throughput and thus improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from an out-of-bounds write...