Skip to main content

Pads Viewer CVE-2022-34288

MEDIUM
Out-of-bounds Read (CWE-125)
2022-07-12 productcert@siemens.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 12, 2022 - 10:15 nvd
MEDIUM 5.5

DescriptionNVD

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-053)

AnalysisAI

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-053) Affected products include: Siemens Pads Viewer.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

CVE-2022-34289 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34286 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34284 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34281 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34280 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34279 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34278 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34277 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34276 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34275 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34274 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

CVE-2022-34273 HIGH
7.8 Jul 12

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). Rated high severity (CVSS 7.8), this vu

Share

CVE-2022-34288 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy