Lucene search
K
SiemensSolid Edge

47 matches found

CVE
CVE
added 2022/02/09 3:17 p.m.129 views

CVE-2021-44018

CVE-2021-44018 is a memory corruption/out-of-bounds read vulnerability in the plmxmlAdapterSE70.dll used by Siemens visualization products. Exploitation targets PAR file parsing and, per ZDI, can lead to remote code execution with user interaction required. Affected products include JT2Go (all ve...

7.8CVSS7.6AI score0.01691EPSS
CVE
CVE
added 2022/02/09 3:17 p.m.118 views

CVE-2021-44000

CVE-2021-44000 describes a heap-based buffer overflow in Siemens JT2Go/Solid Edge/Teamcenter Visualization products due to an out-of-bounds write in plmxmlAdapterSE70.dll when parsing PAR files. Concrete details from connected docs: affected components include JT2Go all versions prior to 13.2.0.7...

7.8CVSS7.7AI score0.01798EPSS
CVE
CVE
added 2022/02/09 3:17 p.m.116 views

CVE-2021-44016

The CVE-2021-44016 issue is a memory corruption vulnerability in the plmxmlAdapterSE70.dll when parsing PAR files, enabling code execution in affected Siemens visualization products. Affected: JT2Go (all versions < V13.2.0.7), Solid Edge SE2021 (< SE2021MP9), Solid Edge SE2022 (< SE2022M...

7.8CVSS7.6AI score0.017EPSS
CVE
CVE
added 2021/11/14 12:0 a.m.85 views

CVE-2021-43336

CVE-2021-43336 affects the Open Design Alliance Drawings SDK prior to 2022.11. It is an out-of-bounds write issue during parsing of DXF/DWG files (invalid number of properties) that can cause a write past the end of an allocated buffer, enabling code execution in the context of the vulnerable pro...

7.8CVSS7.5AI score0.01641EPSS
CVE
CVE
added 2023/02/14 10:37 a.m.80 views

CVE-2023-25140

CVE-2023-25140 affects Siemens Parasolid (V34.0, V34.1, V35.0, V35.1) and Solid Edge SE2022. A parsing-time out-of-bounds read on PAR files could enable code execution in the attacked process. Affected versions: Parasolid < V34.0.254, < V34.1.242, < V35.0.170, < V35.1.150; Solid Edge ...

7.8CVSS7.5AI score0.00214EPSS
CVE
CVE
added 2021/01/12 8:18 p.m.76 views

CVE-2020-26989

CVE-2020-26989 affects Siemens JT2Go (all versions

7.8CVSS7.8AI score0.02833EPSS
CVE
CVE
added 2021/01/12 8:18 p.m.75 views

CVE-2020-28383

CVE-2020-28383 affects Siemens JT2Go and Teamcenter Visualization (versions before 13.1.0.1). The vulnerability arises from improper validation of user-supplied data when parsing PAR files, allowing an out-of-bounds write past a memory location, which could enable code execution in the context of...

7.8CVSS7.7AI score0.03439EPSS
CVE
CVE
added 2021/07/13 11:3 a.m.74 views

CVE-2021-34327

The CVE affects Siemens Solid Edge, JT2Go, and Teamcenter Visualization with a heap-based buffer overflow in plmxmlAdapterSE70.dll when parsing ASM files. Root cause: improper validation of user-supplied data leading to an out-of-bounds write and potential code execution in the affected process. ...

7.8CVSS7.7AI score0.02079EPSS
CVE
CVE
added 2021/07/13 11:3 a.m.73 views

CVE-2021-34328

Siemens JT2Go (<V13.2), Solid Edge SE2021 (<SE2021MP5), and Teamcenter Visualization (

7.8CVSS7.7AI score0.02132EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.72 views

CVE-2021-41535

Siemens Siemens NX 1953 Series (before v1973.3700), NX 1980 Series (before v1988), and Solid Edge SE2021 (before SE2021MP8) have a use-after-free vulnerability in OBJ file parsing that could allow code execution in the current process (ZDI-CAN-13771). Public disclosures (ZDI-21-1119, RH Red Hat a...

7.8CVSS7.6AI score0.01517EPSS
CVE
CVE
added 2021/07/13 11:3 a.m.70 views

CVE-2021-34329

Siemens JT2Go/Solid Edge/Teamcenter Visualization are affected by a heap-based buffer overflow in plmxmlAdapterSE70.dll when parsing PAR files. Impact: out-of-bounds write enabling code execution in the context of the current process. Affects JT2Go (all versions

7.8CVSS7.7AI score0.02132EPSS
CVE
CVE
added 2021/12/14 12:6 p.m.70 views

CVE-2021-44014

CVE-2021-44014 affects Siemens JT Open (≤11.1.1.0), JT Utilities (≤13.1.1.0) and Solid Edge (≤2023). The Jt1001.dll contains a use-after-free vulnerability triggered while parsing specially crafted JT files, enabling code execution in the current process. Affected versions require updating to JT ...

7.8CVSS7.6AI score0.01564EPSS
CVE
CVE
added 2023/01/10 11:39 a.m.68 views

CVE-2022-47935

The CVE-2022-47935 issue affects Siemens JT Open (pre-11.1.1.0), JT Utilities (pre-13.1.1.0), and Solid Edge (pre-2023). Root cause: a memory corruption vulnerability in Jt1001.dll when parsing specially crafted JT files, enabling code execution in the attacker’s context. Affects: JT Open, JT Uti...

7.8CVSS7.7AI score0.00279EPSS
CVE
CVE
added 2021/01/12 8:18 p.m.66 views

CVE-2020-28384

The CVE-2020-28384 entry affects Siemens Solid Edge: SE2020 (before SE2020MP12) and SE2021 (before SE2021MP2). The root cause is improper validation of user-supplied data when parsing PAR files, leading to a stack-based buffer overflow. This condition could allow code execution in the context of ...

7.8CVSS7.6AI score0.02845EPSS
CVE
CVE
added 2021/09/14 10:47 a.m.66 views

CVE-2021-37202

Siemens NX 1980 Series (all versions before v1984) and Solid Edge SE2021 (before SE2021MP8) are affected by CVE-2021-37202 due to a use-after-free vulnerability in the IFC adapter when parsing user-supplied IFC files. This could allow code execution in the context of the current process. Related ...

7.8CVSS7.6AI score0.00852EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.66 views

CVE-2021-41537

Solid Edge SE2021 (

7.8CVSS7.6AI score0.01122EPSS
CVE
CVE
added 2021/01/12 8:18 p.m.65 views

CVE-2020-28382

Siemens Solid Edge SE2020/SE2021 (all versions prior to SE2020MP12/SE2021MP2) are affected by a PAR-file parsing vulnerability that can cause an out-of-bounds write, enabling code execution in the context of the affected process. The issue spans Solid Edge SE products and the Solid Edge Viewer, w...

7.8CVSS7.7AI score0.02625EPSS
CVE
CVE
added 2021/07/13 11:3 a.m.63 views

CVE-2021-34326

Summary of CVE-2021-34326 : Siemens Solid Edge/JT2Go/Teamcenter Visualization are affected by a heap-based buffer overflow in the plmxmlAdapterSE70.dll when parsing PAR files. Affected versions: JT2Go < 13.2, Solid Edge SE2021 < SE2021MP5, Teamcenter Visualization

7.8CVSS7.7AI score0.02132EPSS
CVE
CVE
added 2021/09/14 10:47 a.m.63 views

CVE-2021-37203

CVE-2021-37203 concerns Siemens NX/NX 1980 Series and Solid Edge SE2021 where the plmxmlAdapterIFC.dll performs an out-of-bounds read while parsing user-supplied IFC files. This can cause a denial-of-service or memory information leakage. Affected: NX 1980 Series (all versions before V1984) and S...

7.1CVSS6.5AI score0.00637EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.63 views

CVE-2021-41534

CVE-2021-41534 affects Siemens NX 1980 Series (all versions before v1984) and Solid Edge SE2021 (all versions before SE2021MP8). Root cause: an out-of-bounds read past the end of an allocated buffer during JT file parsing, leading to potential information disclosure within the process. Mitigation...

4.3CVSS3.6AI score0.00935EPSS
CVE
CVE
added 2021/01/12 8:18 p.m.62 views

CVE-2020-28386

Siemens Solid Edge is affected by CVE-2020-28386 due to improper validation of data when parsing DFT files, causing an out-of-bounds write past an allocated structure and enabling code execution in the current process. The issue is described in ZDI-21-077 (Solid Edge Viewer) and is tied to Solid ...

7.8CVSS7.7AI score0.02625EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.61 views

CVE-2021-41533

Siemens NX 1980 Series and Solid Edge SE2021 are affected by CVE-2021-41533 due to an out-of-bounds read when parsing JT files, enabling potential information disclosure within the current process. Siemens fixes are available: update NX 1980 Series to v1984+ and SE2021 to SE2021MP8+. The issue wa...

4.3CVSS3.6AI score0.00935EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.61 views

CVE-2021-41539

CVE-2021-41539 concerns Siemens Solid Edge SE2021 (all versions before SE2021MP8) with a use-after-free in OBJ file parsing that could allow code execution in the affected process. Multiple sources (ZDI-21-1123; RH security advisory; CNVD; NVD/NVD list) describe the flaw as affecting the OBJ pars...

7.8CVSS7.6AI score0.01127EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.61 views

CVE-2022-37864

Siemens Solid Edge prior to SE2022MP9 is affected by CVE-2022-37864, a heap-based buffer overflow when parsing DWG files. It allows code execution in the current process with local attack vector and user interaction required. Mitigation: update to SE2022MP9 or later or avoid untrusted DWG files; ...

7.8CVSS7.8AI score0.00223EPSS
CVE
CVE
added 2021/01/12 8:18 p.m.60 views

CVE-2020-28381

Siemens Solid Edge PAR file parsing contains an out-of-bounds write due to insufficient input validation, enabling possible remote code execution in the current process. Affected products include Solid Edge SE2020 (< SE2020MP12) and SE2021 (

7.8CVSS7.7AI score0.02621EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.60 views

CVE-2021-41538

CVE-2021-41538 : Siemens Solid Edge/NX OBJ parsing uninitialized pointer information disclosure. Affected products and versions include: NX 1953 Series (all versions < V1973.3700) and NX 1980 Series (all versions < V1988); Solid Edge SE2021 (all versions = V1973.3700, NX 1980 >= V1988, a...

4.3CVSS3.4AI score0.00935EPSS
CVE
CVE
added 2021/12/14 12:6 p.m.58 views

CVE-2021-44002

CVE-2021-44002 affects Siemens JT Open (pre-11.1.1.0), JT Utilities (pre-13.1.1.0), and Solid Edge (pre-2023). The Jt1001.dll suffers an out-of-bounds write past an allocated structure while parsing crafted JT files, potentially enabling code execution in the current process. Mitigations from Sie...

7.8CVSS7.6AI score0.01564EPSS
CVE
CVE
added 2021/03/15 5:3 p.m.56 views

CVE-2021-27380

Siemens Solid Edge is affected: PAR-file parsing vulnerability in Solid Edge SE2020 (< SE2020MP13) and SE2021 (

7.8CVSS7.7AI score0.0144EPSS
CVE
CVE
added 2023/08/08 9:21 a.m.56 views

CVE-2023-39549

CVE-2023-39549 affects Siemens Solid Edge SE2023 (all versions

7.8CVSS7.6AI score0.00221EPSS
CVE
CVE
added 2021/03/15 5:3 p.m.54 views

CVE-2020-28387

CVE-2020-28387 affects Siemens Solid Edge SE2020 before SE2020MP13 and SE2021 before SE2021MP3. The issue arises when opening specially crafted SEECTCXML files; the XML parser can process external entities (XXE) due to insufficient restrictions, enabling disclosure of arbitrary files to an attack...

5.5CVSS5.4AI score0.00888EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.54 views

CVE-2021-41536

Solid Edge SE2021 (all versions before SE2021MP8) contains a use-after-free in OBJ file parsing that can lead to code execution in the affected process (ZDI-21-1120). The issue is tied to the OBJ parser’s handling of objects/files and lacks validation, enabling an attacker to trigger arbitrary co...

7.8CVSS7.6AI score0.01122EPSS
CVE
CVE
added 2021/09/28 11:12 a.m.54 views

CVE-2021-41540

Solid Edge SE2021 before MP8 contains a use‑after‑free flaw when parsing OBJ files, allowing code execution in the current process (CVE-2021-41540; ZDI-21-1124). Affected product: Solid Edge SE2021 (all versions

7.8CVSS7.6AI score0.01122EPSS
CVE
CVE
added 2023/01/10 11:39 a.m.54 views

CVE-2022-47967

CVE-2022-47967 affects Siemens Solid Edge prior to V2023 MP1. The DOCMGMT.DLL contains a memory corruption flaw triggered when parsing file formats such as PAR, ASM, and DFT, potentially allowing code execution in the context of the current process. The vulnerability is rated CVSS v3.1 base score...

7.8CVSS7.7AI score0.00279EPSS
CVE
CVE
added 2021/03/15 5:3 p.m.53 views

CVE-2020-28385

Siemens Solid Edge vulnerabilities CVE-2020-28385 affect Solid Edge SE2020 (before SE2020MP13) and SE2021 (before SE2021MP4). The root cause is improper validation of user-supplied data when parsing DFT files, leading to an out-of-bounds write past the end of an allocated structure and potential ...

7.8CVSS7.7AI score0.01478EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.52 views

CVE-2023-39185

CVE-2023-39185 affects Siemens Solid Edge SE2023: all versions prior to V223.0 Update 7 are vulnerable to an out-of-bounds read past the end of an allocated structure while parsing specially crafted PAR files, which could allow code execution in the process context. Siemens has released V223.0 Up...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2021/03/15 5:3 p.m.51 views

CVE-2021-27381

Solid Edge CVE-2021-27381 affects Solid Edge SE2020 (before MP13) and SE2021 (before MP3). The flaw is an out-of-bounds read when parsing PAR files, enabling an attacker to execute code in the current process. Remediation: update to Solid Edge SE2020 MP13 or later, and SE2021 MP3 or later (note: ...

7.8CVSS7.6AI score0.00903EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.51 views

CVE-2023-39186

CVE-2023-39186 affects Siemens Solid Edge SE2023: all versions before V223.0 Update 7 are vulnerable to an out-of-bounds read past the end of an allocated structure while parsing specially crafted DFT files, potentially allowing code execution in the current process. The issue is tied to Solid Ed...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.49 views

CVE-2023-39184

Siemens Solid Edge SE2023 is affected. All versions prior to V223.0 Update 7 expose an out-of-bounds read while parsing specially crafted PSM files, allowing code execution in the current process. The issue is confirmed in CVE-2023-39184 and is addressed by updating to V223.0 Update 7 or later. S...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2023/08/08 9:21 a.m.47 views

CVE-2023-39419

CVE-2023-39419 affects Siemens Solid Edge SE2023 (all versions

7.8CVSS7.6AI score0.00207EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.46 views

CVE-2023-39181

CVE-2023-39181 affects Siemens Solid Edge SE2023 (all versions before V223.0 Update 7). The vulnerability is an out-of-bounds write past the end of an allocated buffer during parsing of a specially crafted PAR file, potentially allowing code execution in the current process. Affected product: Sol...

7.8CVSS7.7AI score0.00207EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.46 views

CVE-2023-39187

Solid Edge SE2023 is affected by CVE-2023-39187 (and related entries) due to an out-of-bounds read past the end of an allocated structure while parsing DFT files. Affected: all versions prior to V223.0 Update 7. Root cause: out-of-bounds read in the DFT parsing path could allow code execution in ...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.46 views

CVE-2023-39188

Siemens Solid Edge SE2023 is affected by CVE-2023-39188 (Solid Edge SE2023: all versions before V223.0 Update 7) due to an out-of-bounds read past the end of an allocated structure while parsing DFT files. This vulnerability could allow code execution in the current process. Siemens has released ...

7.8CVSS7.5AI score0.00207EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.40 views

CVE-2023-39183

Solid Edge SE2023 is affected (all versions prior to V223.0 Update 7) by CVE-2023-39183 due to an out-of-bounds read past the end of an allocated structure while parsing specially crafted PSM files, potentially allowing code execution in the current process. Siemens provides a fix in V223.0 Updat...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2023/08/08 9:20 a.m.39 views

CVE-2023-39182

Solid Edge SE2023 is affected by CVE-2023-39182: an out-of-bounds read past the end of an allocated structure while parsing DFT files in all versions before V223.0 Update 7. The vulnerability could allow code execution in the current process. Siemens provides a fix in V223.0 Update 7 and recommen...

7.8CVSS7.5AI score0.00219EPSS
CVE
CVE
added 2025/07/08 10:35 a.m.29 views

CVE-2025-40741

Siemens Solid Edge SE2025 prior to V225.0 Update 5 is affected by a stack-based overflow while parsing specially crafted CFG files. The issue is triggered during CFG file processing and can allow code execution in the context of the current process. Vulnerable component is the CFG file parser; ro...

7.8CVSS7.5AI score0.00149EPSS
CVE
CVE
added 2025/07/08 10:34 a.m.26 views

CVE-2025-40740

Siemens Solid Edge SE2025 is affected by CVE-2025-40740, an out-of-bounds read when parsing specially crafted PAR files, allowing code execution in the current process. Affected product: Solid Edge SE2025 (all versions before V225.0 Update 5). Root cause: out-of-bounds read past the end of an all...

7.8CVSS7.3AI score0.00138EPSS
CVE
CVE
added 2025/07/08 10:34 a.m.25 views

CVE-2025-40739

Summary (CVE-2025-40739) : Siemens Solid Edge SE2025 prior to V225.0 Update 5 contains an out-of-bounds read while parsing specially crafted PAR files, which can lead to code execution in the process context. This vulnerability affects Solid Edge SE2025 versions before the Update 5 release. Accor...

7.8CVSS7.3AI score0.00138EPSS