CVE-2023-38680

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 14, 2023

CWE ID 787

Summary

CVE-2023-38680 is a newly discovered vulnerability affecting Tecnomatix Plant Simulation versions V2201 below V2201.0008 and V2302 below V2302.0002. This issue arises due to an out-of-bounds write vulnerability during the processing of a maliciously crafted SPP file. The buffer overflow can enable an attacker to inject and execute arbitrary code within the affected application, potentially leading to serious security consequences. (Note: This summary is based on the provided information and is not a direct copy from the source text.)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens Tecnomatix

Affected Vendors

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sGUPB-
https://www.cve.org/CVERecord?id=CVE-2023-38680
https://nvd.nist.gov/vuln/detail/CVE-2023-38680

Back to Vulnerability Database