Multiple vulnerabilities in Siemens Solid Edge



Risk High
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2023-39181
CVE-2023-39182
CVE-2023-39183
CVE-2023-39184
CVE-2023-39185
CVE-2023-39186
CVE-2023-39187
CVE-2023-39188
CVE-2023-39419
CWE-ID CWE-787
CWE-125
Exploitation vector Network
Public exploit N/A
Vulnerable software
Solid Edge SE2023
Server applications / SCADA systems

Vendor Siemens

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Out-of-bounds write

EUVDB-ID: #VU79289

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39181

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error while parsing a specially crafted PAR file. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU79292

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39182

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted DFT files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU79293

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39183

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted PSM files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU79295

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39184

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted PSM files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU79297

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39185

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted PAR files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU79298

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39186

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted DFT files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU79300

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39187

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted DFT files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU79302

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39188

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition while parsing specially crafted DFT files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU79303

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39419

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error while parsing specially crafted DFT files. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Solid Edge SE2023: before 223.0 Update 7

CPE2.3 External links

http://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###