SSA-728618 V1.0: Multiple Vulnerabilities in Solid Edge before SE2021MP8

Risk Summary

<p>Siemens has released a new version for Solid Edge that fixes multiple file parsing vulnerabilities which could be triggered when the application reads files in IFC, JT or OBJ formats.</p> <p>If a user is tricked to opening a malicious file using the affected application this could lead the application to crash, or potentially arbitrary code execution on the target host system.</p> <p>Siemens recommends to update to the latest version and to limit opening of files from unknown sources in the affected products.</p>

Remediations

• Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Affected Products (1)