Vulnerability-Lookup

CVE-2024-32637 (GCVE-0-2024-32637)

Vulnerability from cvelistv5 – Published: 2024-05-14 10:02 – Updated: 2024-08-13 07:54

Summary

A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Severity ?

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

CWE

CWE-476 - NULL Pointer Dereference

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/html/…
	https://cert-portal.siemens.com/productcert/html/…

Impacted products

Vendor

Product

Version

Siemens

JT2Go

Affected: 0 , < V2312.0005 (custom)

Siemens	Teamcenter Visualization V14.2	Affected: 0 , < V14.2.0.12 (custom)
Siemens	Teamcenter Visualization V14.3	Affected: 0 , < V14.3.0.10 (custom)
Siemens	Teamcenter Visualization V2312	Affected: 0 , < V2312.0005 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:siemens:ps_iges_parasolid_translator_component:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ps_iges_parasolid_translator_component",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "v27.1.215 ",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-32637",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-14T13:37:33.414539Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-18T18:07:35.849Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T02:13:40.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "JT2Go",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2312.0005",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter Visualization V14.2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V14.2.0.12",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter Visualization V14.3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V14.3.0.10",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Teamcenter Visualization V2312",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2312.0005",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in JT2Go (All versions \u003c V2312.0005), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.12), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.10), Teamcenter Visualization V2312 (All versions \u003c V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T07:54:07.678Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-32637",
    "datePublished": "2024-05-14T10:02:44.682Z",
    "dateReserved": "2024-04-16T10:52:15.707Z",
    "dateUpdated": "2024-08-13T07:54:07.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-046364.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T02:13:40.086Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-32637\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-14T13:37:33.414539Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:siemens:ps_iges_parasolid_translator_component:*:*:*:*:*:*:*:*\"], \"vendor\": \"siemens\", \"product\": \"ps_iges_parasolid_translator_component\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"v27.1.215 \", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-14T13:37:36.409Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 3.3, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\"}}, {\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"JT2Go\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V2312.0005\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Teamcenter Visualization V14.2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V14.2.0.12\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Teamcenter Visualization V14.3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V14.3.0.10\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"Teamcenter Visualization V2312\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V2312.0005\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-046364.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-856475.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in JT2Go (All versions \u003c V2312.0005), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.12), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.10), Teamcenter Visualization V2312 (All versions \u003c V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476: NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2024-08-13T07:54:07.678Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-32637\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-13T07:54:07.678Z\", \"dateReserved\": \"2024-04-16T10:52:15.707Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2024-05-14T10:02:44.682Z\", \"assignerShortName\": \"siemens\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2024-32637

Vulnerability from gsd - Updated: 2024-04-17 05:01

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-32637

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-32637"
      ],
      "id": "GSD-2024-32637",
      "modified": "2024-04-17T05:01:56.746922Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-32637",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

CERTFR-2024-AVI-0672

Vulnerability from certfr_avis - Published: 2024-08-13 - Updated: 2024-08-16

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Siemens	N/A	SCALANCE M-800 versions antérieures à V8.1
Siemens	N/A	Teamcenter Visualization versions V14.2 antérieures à V14.2.0.12
Siemens	N/A	JT2Go versions antérieures à V2312.0005
Siemens	N/A	Teamcenter Visualization versions V2312 antérieures à V2312.0005
Siemens	N/A	INTRALOG WMS versions antérieures à V4
Siemens	N/A	LOGO! V8.3 BM (aucun correctif n'est prévu)
Siemens	N/A	SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) versions antérieures à V8.1
Siemens	N/A	SIPLUS LOGO! V8.3 BM (aucun correctif n'est prévu)
Siemens	N/A	SINEC NMS versions antérieures à V3.0
Siemens	N/A	Teamcenter Visualization versions V14.3 antérieures à V14.3.0.10
Siemens	N/A	COMOS versions antérieures à V10.5
Siemens	N/A	Location Intelligence family versions antérieures à V4.4
Siemens	N/A	SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) versions antérieures à V8.1
Siemens	N/A	SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	NX versions antérieures à V2406.3000
Siemens	N/A	SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M-800 versions antérieures à V7.2.2
Siemens	N/A	SINEC Traffic Analyzer versions antérieures à V2.0

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-856475	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-357412	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-720392	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-921449	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-068047	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-784301	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-716317	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-659443	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-087301	2024-08-13	vendor-advisory
Bulletin de sécurité Siemens SSA-417547	2024-08-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SCALANCE M-800 versions ant\u00e9rieures \u00e0 V8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V14.2 ant\u00e9rieures \u00e0 V14.2.0.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JT2Go versions ant\u00e9rieures \u00e0 V2312.0005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V2312 ant\u00e9rieures \u00e0 V2312.0005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "INTRALOG WMS versions ant\u00e9rieures \u00e0 V4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! V8.3 BM (aucun correctif n\u0027est pr\u00e9vu)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! V8.3 BM (aucun correctif n\u0027est pr\u00e9vu)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEC NMS versions ant\u00e9rieures \u00e0 V3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V14.3 ant\u00e9rieures \u00e0 V14.3.0.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": " COMOS versions ant\u00e9rieures \u00e0 V10.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Location Intelligence family versions ant\u00e9rieures \u00e0 V4.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "NX versions ant\u00e9rieures \u00e0 V2406.3000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M-800 versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEC Traffic Analyzer versions ant\u00e9rieures \u00e0 V2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-41976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41976"
    },
    {
      "name": "CVE-2024-32635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32635"
    },
    {
      "name": "CVE-2024-41682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41682"
    },
    {
      "name": "CVE-2024-41906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41906"
    },
    {
      "name": "CVE-2023-44321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
    },
    {
      "name": "CVE-2023-52425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
    },
    {
      "name": "CVE-2024-32636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32636"
    },
    {
      "name": "CVE-2023-44317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
    },
    {
      "name": "CVE-2024-28757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
    },
    {
      "name": "CVE-2024-41908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41908"
    },
    {
      "name": "CVE-2023-52426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
    },
    {
      "name": "CVE-2024-41683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41683"
    },
    {
      "name": "CVE-2023-5868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
    },
    {
      "name": "CVE-2024-41938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41938"
    },
    {
      "name": "CVE-2024-41978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41978"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-45802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45802"
    },
    {
      "name": "CVE-2024-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0056"
    },
    {
      "name": "CVE-2023-5180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5180"
    },
    {
      "name": "CVE-2023-26495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26495"
    },
    {
      "name": "CVE-2024-41681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41681"
    },
    {
      "name": "CVE-2023-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
    },
    {
      "name": "CVE-2024-30045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30045"
    },
    {
      "name": "CVE-2023-44320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
    },
    {
      "name": "CVE-2023-42795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
    },
    {
      "name": "CVE-2024-41905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41905"
    },
    {
      "name": "CVE-2023-5869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
    },
    {
      "name": "CVE-2024-36398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36398"
    },
    {
      "name": "CVE-2023-4611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4611"
    },
    {
      "name": "CVE-2023-43622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43622"
    },
    {
      "name": "CVE-2023-45648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
    },
    {
      "name": "CVE-2024-41907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41907"
    },
    {
      "name": "CVE-2024-39922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39922"
    },
    {
      "name": "CVE-2024-41977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41977"
    },
    {
      "name": "CVE-2023-31122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31122"
    },
    {
      "name": "CVE-2024-41904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41904"
    },
    {
      "name": "CVE-2023-46120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46120"
    },
    {
      "name": "CVE-2024-25062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
    },
    {
      "name": "CVE-2023-6481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
    },
    {
      "name": "CVE-2023-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
    },
    {
      "name": "CVE-2024-41940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41940"
    },
    {
      "name": "CVE-2023-42794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42794"
    },
    {
      "name": "CVE-2024-32637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32637"
    },
    {
      "name": "CVE-2023-46280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46280"
    },
    {
      "name": "CVE-2024-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
    },
    {
      "name": "CVE-2023-49692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
    },
    {
      "name": "CVE-2023-34050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34050"
    },
    {
      "name": "CVE-2023-46589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2024-41939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41939"
    },
    {
      "name": "CVE-2024-41941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41941"
    }
  ],
  "initial_release_date": "2024-08-13T00:00:00",
  "last_revision_date": "2024-08-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0672",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-13T00:00:00.000000"
    },
    {
      "description": "Ajout des identifiants CVE manquants.",
      "revision_date": "2024-08-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-856475",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-357412",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-357412.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-720392",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-720392.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-921449",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-921449.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-784301",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-716317",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-716317.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-659443",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-659443.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-087301",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
    },
    {
      "published_at": "2024-08-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-417547",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-417547.html"
    }
  ]
}

FKIE_CVE-2024-32637

Vulnerability from fkie_nvd - Published: 2024-05-14 16:17 - Updated: 2025-10-03 20:06

Severity ?

3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-046364.html	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-856475.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/html/ssa-046364.html	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	jt2go	*
siemens	parasolid	*
siemens	parasolid	*
siemens	parasolid	*
siemens	teamcenter_visualization	*
siemens	teamcenter_visualization	*
siemens	teamcenter_visualization	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ADC8CD5-4DDC-4762-9D88-F8B6C28BF3C7",
              "versionEndExcluding": "2312.0005",
              "versionStartIncluding": "2312.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB93C557-77AB-40CD-B7ED-190129A95AA8",
              "versionEndExcluding": "35.1.256",
              "versionStartIncluding": "35.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7EF9818-8B80-422B-9BDD-DBAB78CB54F6",
              "versionEndExcluding": "36.0.208",
              "versionStartIncluding": "36.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "591DB9A6-678C-41C1-B53A-951B52464753",
              "versionEndExcluding": "36.1.173",
              "versionStartIncluding": "36.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0973D930-AC79-48B1-A4A6-25F7734B5822",
              "versionEndExcluding": "14.2.0.12",
              "versionStartIncluding": "14.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05525CD6-CA13-4919-83EC-91A4DF62048F",
              "versionEndExcluding": "14.3.0.10",
              "versionStartIncluding": "14.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6FB16B6-BD25-4DE8-B1D8-BADB3984D15F",
              "versionEndExcluding": "2312.0005",
              "versionStartIncluding": "2312.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in JT2Go (All versions \u003c V2312.0005), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.12), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.10), Teamcenter Visualization V2312 (All versions \u003c V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en Parasolid V35.1 (Todas las versiones \u0026lt; V35.1.256), Parasolid V36.0 (Todas las versiones \u0026lt; V36.0.208), Parasolid V36.1 (Todas las versiones \u0026lt; V36.1.173). Las aplicaciones afectadas contienen una vulnerabilidad de desreferencia de puntero nulo al analizar archivos X_T especialmente manipulados. Un atacante podr\u00eda aprovechar esta vulnerabilidad para bloquear la aplicaci\u00f3n y provocar una condici\u00f3n de denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-32637",
  "lastModified": "2025-10-03T20:06:56.263",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 3.3,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "PASSIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-14T16:17:06.590",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    }
  ]
}

GHSA-X3J5-GF6Q-9CM2

Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-11-18 16:26

Details

A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.208), Parasolid V36.1 (All versions < V36.1.173). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Severity ?

3.3 (Low)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

4.8 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-32637"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T16:17:06Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in Parasolid V35.1 (All versions \u003c V35.1.256), Parasolid V36.0 (All versions \u003c V36.0.208), Parasolid V36.1 (All versions \u003c V36.1.173). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.",
  "id": "GHSA-x3j5-gf6q-9cm2",
  "modified": "2024-11-18T16:26:41Z",
  "published": "2024-05-14T18:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32637"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-856475.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CNVD-2024-23107

Vulnerability from cnvd - Published: 2024-05-16

Title

Siemens Parasolid X_T文件空指针取消引用漏洞

Description

Siemens Parasolid是一种三维几何建模工具，支持各种技术，包括实体建模、直接编辑和自由曲面/图纸建模。 Siemens Parasolid X_T文件存在空指针取消引用漏洞，攻击者可利用该漏洞使应用程序崩溃，从而造成拒绝服务。

Severity

低

Patch Name

Siemens Parasolid X_T文件空指针取消引用漏洞的补丁

Patch Description

Siemens Parasolid是一种三维几何建模工具，支持各种技术，包括实体建模、直接编辑和自由曲面/图纸建模。 Siemens Parasolid X_T文件存在空指针取消引用漏洞，攻击者可利用该漏洞使应用程序崩溃，从而造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/html/ssa-046364.html

Reference

https://cert-portal.siemens.com/productcert/html/ssa-046364.html

Impacted products

Name
['Siemens Parasolid V35.1 < V35.1.256', 'Siemens Parasolid V36.0 < V36.0.208', 'Siemens Parasolid V36.1 < V36.1.173']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-32637"
    }
  },
  "description": "Siemens Parasolid\u662f\u4e00\u79cd\u4e09\u7ef4\u51e0\u4f55\u5efa\u6a21\u5de5\u5177\uff0c\u652f\u6301\u5404\u79cd\u6280\u672f\uff0c\u5305\u62ec\u5b9e\u4f53\u5efa\u6a21\u3001\u76f4\u63a5\u7f16\u8f91\u548c\u81ea\u7531\u66f2\u9762/\u56fe\u7eb8\u5efa\u6a21\u3002\n\nSiemens Parasolid X_T\u6587\u4ef6\u5b58\u5728\u7a7a\u6307\u9488\u53d6\u6d88\u5f15\u7528\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff0c\u4ece\u800c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-046364.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-23107",
  "openTime": "2024-05-16",
  "patchDescription": "Siemens Parasolid\u662f\u4e00\u79cd\u4e09\u7ef4\u51e0\u4f55\u5efa\u6a21\u5de5\u5177\uff0c\u652f\u6301\u5404\u79cd\u6280\u672f\uff0c\u5305\u62ec\u5b9e\u4f53\u5efa\u6a21\u3001\u76f4\u63a5\u7f16\u8f91\u548c\u81ea\u7531\u66f2\u9762/\u56fe\u7eb8\u5efa\u6a21\u3002\r\n\r\nSiemens Parasolid X_T\u6587\u4ef6\u5b58\u5728\u7a7a\u6307\u9488\u53d6\u6d88\u5f15\u7528\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\uff0c\u4ece\u800c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens Parasolid X_T\u6587\u4ef6\u7a7a\u6307\u9488\u53d6\u6d88\u5f15\u7528\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens Parasolid V35.1 \u003c V35.1.256",
      "Siemens Parasolid V36.0 \u003c V36.0.208",
      "Siemens Parasolid V36.1 \u003c V36.1.173"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-046364.html",
  "serverity": "\u4f4e",
  "submitTime": "2024-05-15",
  "title": "Siemens Parasolid X_T\u6587\u4ef6\u7a7a\u6307\u9488\u53d6\u6d88\u5f15\u7528\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-32637 (GCVE-0-2024-32637)

GSD-2024-32637

CERTFR-2024-AVI-0672

Solutions

FKIE_CVE-2024-32637

GHSA-X3J5-GF6Q-9CM2

CNVD-2024-23107

Tags

Sightings

Nomenclature