A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). The femap.exe application lacks proper validation of user-supplied data when parsing modfem files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14260)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-997732.pdf | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1073/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2021-09-14T10:47:44
Updated: 2021-09-15T16:06:14
Reserved: 2021-07-21T00:00:00
Link: CVE-2021-37176
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-09-14T11:15:25.457
Modified: 2021-09-23T18:44:46.137
Link: CVE-2021-37176
JSON object: View
Redhat Information
No data.
CWE