Solid Edge Se2023
CVE-2023-30986
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from Vendor (siemens) · only source for this CVE.
CVSS VectorVendor: siemens
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19561)
AnalysisAI
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19561) Affected products include: Siemens Solid Edge Se2023.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Solid Edge Se2023
View allA vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.
A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today