CVE-2024-31980

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published May 14, 2024

CWE ID 787

Summary

CVE-2024-31980 is a newly discovered vulnerability affecting Parasolid versions V35.1, V36.0, and V36.1, with all versions below V35.1.256, V36.0.210, and V36.1.185 being vulnerable. This issue stems from an out-of-bounds write vulnerability within the application's X_T part file parsing functionality. A maliciously crafted file can exploit this weakness, leading to code execution in the context of the current process. (ZDI-CAN-23468)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v7HEoF
https://www.cve.org/CVERecord?id=CVE-2024-31980
https://nvd.nist.gov/vuln/detail/CVE-2024-31980

Back to Vulnerability Database

CVE-2024-31980

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations