← Back to home
SIEMENS-SSA-173615  ·  Published 2021-07-13  ·  View on Siemens ProductCERT ↗

SSA-173615 V1.0: Multiple PAR and ASM File Parsing Vulnerabilities in Solid Edge

CVSS N/A MEDIUM

Risk Summary

<p>Siemens has released version SE2021MP5 for Solid Edge to fix multiple heap based buffer overflow vulnerabilities that could be triggered when the application read files in PAR or ASM file formats. If a user is tricked to open a malicious file with the affected application, this could lead to a crash, and potentially also to arbitrary code execution.</p> <p>Siemens recommends to update to the latest version and to avoid opening of untrusted files from unknown sources.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-173615 V1.0: Multiple PAR and ASM File Parsing Vulnerabilities in Solid Edge See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more