The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf | Vendor Advisory |
https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-11-21T18:19:10.557Z
Updated: 2023-11-21T18:19:10.557Z
Reserved: 2021-08-10T19:21:41.085Z
Link: CVE-2021-38405
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-21T19:15:07.647
Modified: 2023-11-30T05:39:30.360
Link: CVE-2021-38405
JSON object: View
Redhat Information
No data.