CVE-2023-38527

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 13, 2024

CWE ID 125

Summary

CVE-2023-38527 is a newly disclosed vulnerability affecting multiple versions of Parasolid (V34.1, V35.0), Teamcenter Visualization (V14.1, V14.2, V14.3, V2312), and all versions below V34.1.258, V35.0.254, V14.2.0.12, V14.3.0.9, and V2312.0004. This issue arises due to an out-of-bounds read vulnerability in these applications while parsing specially crafted X_T files. An attacker can exploit this flaw to execute arbitrary code within the affected application, gaining the same privileges as the current process.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens Teamcenter Visualization
Siemens Parasolid

Affected Vendors

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sC2Iw2
https://www.cve.org/CVERecord?id=CVE-2023-38527
https://nvd.nist.gov/vuln/detail/CVE-2023-38527

Back to Vulnerability Database