Simcenter Femap
Monthly
Code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds read flaw triggered when parsing malicious NDB files. A local attacker with user interaction can exploit this vulnerability to execute arbitrary code with the privileges of the affected application. No patch is currently available for this vulnerability.
Heap-based buffer overflow in Simcenter Femap and Nastran versions prior to V2512 allows local attackers to achieve arbitrary code execution by crafting malicious NDB files. The vulnerability requires user interaction to trigger and affects all current versions of both products. No patch is currently available, leaving affected systems at risk of privilege escalation and system compromise.
Out-of-bounds read in Simcenter Femap and Nastran versions prior to V2512 during NDB file parsing enables local code execution under the current process context. An attacker can exploit this vulnerability through specially crafted NDB files to achieve arbitrary code execution. No patch is currently available for this high-severity vulnerability affecting both products.
Simcenter Femap and Nastran versions prior to 2512 are vulnerable to out-of-bounds memory reads when processing maliciously crafted XDB files, enabling arbitrary code execution with the privileges of the affected application. Local attackers can exploit this vulnerability through specially designed files to achieve full system compromise. No patch is currently available for this high-severity flaw.
Arbitrary code execution in Simcenter Femap and Nastran versions prior to 2512 results from an out-of-bounds read when processing malicious XDB files, enabling local attackers to achieve process-level code execution. An attacker with local access can craft a specially designed XDB file to trigger the memory vulnerability and execute arbitrary code with the privileges of the affected application. No patch is currently available for this vulnerability.
Arbitrary code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds write flaw triggered by parsing malicious XDB files. Local attackers with user interaction can exploit this vulnerability to execute arbitrary code with the privileges of the affected application. No patch is currently available for this high-severity vulnerability.
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.
A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.
Code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds read flaw triggered when parsing malicious NDB files. A local attacker with user interaction can exploit this vulnerability to execute arbitrary code with the privileges of the affected application. No patch is currently available for this vulnerability.
Heap-based buffer overflow in Simcenter Femap and Nastran versions prior to V2512 allows local attackers to achieve arbitrary code execution by crafting malicious NDB files. The vulnerability requires user interaction to trigger and affects all current versions of both products. No patch is currently available, leaving affected systems at risk of privilege escalation and system compromise.
Out-of-bounds read in Simcenter Femap and Nastran versions prior to V2512 during NDB file parsing enables local code execution under the current process context. An attacker can exploit this vulnerability through specially crafted NDB files to achieve arbitrary code execution. No patch is currently available for this high-severity vulnerability affecting both products.
Simcenter Femap and Nastran versions prior to 2512 are vulnerable to out-of-bounds memory reads when processing maliciously crafted XDB files, enabling arbitrary code execution with the privileges of the affected application. Local attackers can exploit this vulnerability through specially designed files to achieve full system compromise. No patch is currently available for this high-severity flaw.
Arbitrary code execution in Simcenter Femap and Nastran versions prior to 2512 results from an out-of-bounds read when processing malicious XDB files, enabling local attackers to achieve process-level code execution. An attacker with local access can craft a specially designed XDB file to trigger the memory vulnerability and execute arbitrary code with the privileges of the affected application. No patch is currently available for this vulnerability.
Arbitrary code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds write flaw triggered by parsing malicious XDB files. Local attackers with user interaction can exploit this vulnerability to execute arbitrary code with the privileges of the affected application. No patch is currently available for this high-severity vulnerability.
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.
A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.
A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.