A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703).
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf | Patch Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdf | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1118/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2021-09-28T11:12:28
Updated: 2021-11-09T11:32:10
Reserved: 2021-09-21T00:00:00
Link: CVE-2021-41534
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-09-28T12:15:08.040
Modified: 2021-11-28T23:29:46.063
Link: CVE-2021-41534
JSON object: View
Redhat Information
No data.
CWE