2 matches found
Siemens Solid Edge File Parsing (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Improper Restriction of XML External Entity Reference, Out-of-bounds Read 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...
CVE-2020-28385
Siemens Solid Edge vulnerabilities CVE-2020-28385 affect Solid Edge SE2020 (before SE2020MP13) and SE2021 (before SE2021MP4). The root cause is improper validation of user-supplied data when parsing DFT files, leading to an out-of-bounds write past the end of an allocated structure and potential ...