Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Tecnomatix Plant Simulation allows the modeling, simulation, exploration and optimization of logistics systems and their processes. These models allow material flow, resource utilization and logistics analysis of all manufacturing plans from global production facilities to local plants and specif...

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Tecnomatix Plant Simulation allows the modeling, simulation, exploration and optimization of logistics systems and their processes. These models allow material flow, resource utilization and logistics analysis of all manufacturing plans from global production facilities to local plants and specif...

The vulnerability of the Rockwell Automation Pavilion8 platform’s simulation, control, and optimization functions arises from an improper limitation on the path name to the restricted access catalog. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration...

PT-2024-9536 · Siemens · Tecnomatix Plant Simulation +1

Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation versions prior to V2302.0016 Tecnomatix Plant Simulation versions prior to V2404.0005 Teamcenter Visualization versions prior to V14.2.0.14 Teamcenter Visualization versions prior to V14.3.0.12 Teamcenter...

PT-2024-9537 · Siemens · Tecnomatix Plant Simulation +1

Name of the Vulnerable Software and Affected Versions: Teamcenter Visualization versions prior to V14.2.0.14 Teamcenter Visualization versions prior to V14.3.0.12 Teamcenter Visualization versions prior to V2312.0008 Tecnomatix Plant Simulation versions prior to V2302.0016 Tecnomatix Plant...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2024-38014)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A stack buffer overflow vulnerability exists in Siemen...

The vulnerability of the SPP analyzer in the software environment of the simulation model for systems and processes in Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the SPP analyzer in the simulation modeling environment of Siemens Tecnomatix Plant Simulation relates to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user opens a specially crafted SPP file...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

CVE-2024-41170

CVE-2024-41170 affects Siemens Tecnomatix Plant Simulation: stack-based overflow in the parser for specially crafted SPP files. Affected versions include Plant Simulation V2302 prior to 0015 and V2404 prior to 0004, allowing code execution in the current process context. Remediation: update to V2...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

Siemens Tecnomatix Plant Simulation 安全漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A stack buffer overflow vulnerability exists in Siemen...

Siemens Tecnomatix Plant Simulation

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

GHSA-6XX4-X46F-F897 Hoverfly allows an arbitrary file read in the `/api/v2/simulation` endpoint (`GHSL-2023-274`)

Details The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary files from the Hoverfly server. go...

Hoverfly allows an arbitrary file read in the `/api/v2/simulation` endpoint (`GHSL-2023-274`)

Details The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary files from the Hoverfly server. go...

CVE-2024-45388

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVE-2024-45388

Hoverfly (Git SpectoLabs) contains a path traversal vulnerability in the /api/v2/simulation POST handler that lets unauthenticated attackers read arbitrary files from the server by supplying a specially crafted bodyFile parameter (e.g., ../../../../etc/passwd). The implementation attempts to join...