Critical RCE Alarm in Siemens Solid Edge Viewer Software

March 3, 2023
2:26 pm

[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]Siemens has released an update to address a heap-based buffer overflow vulnerability in its Solid Edge Viewer software, which could allow a remote attacker to execute arbitrary code on affected installations. The vulnerability, tracked as CVE-2023-22669, exists within the parsing of DWG files due to the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer.

The Vulnerability in Siemens Solid Edge Viewer Has a 9.8 CVSS Score

The vulnerability has a CVSS score of high severity and requires user interaction in that the target must visit a malicious page or open a malicious file. An attacker can leverage this vulnerability to execute code in the context of the current process.

Siemens has urged affected users to update their software as soon as possible to the latest version, which can be obtained from the vendor’s website.[/vc_column_text][vc_empty_space][/vc_column][/vc_row]

Critical RCE Alarm in Siemens Solid Edge Viewer Software

The Vulnerability in Siemens Solid Edge Viewer Has a 9.8 CVSS Score

Share This:

Channel Partners

Become A Partner

Partner Portal Login

The Bridge Partner Program

Blog

Customer Stories

Datasheets

e-Books

Events

Glossary

Threat Intelligence Researches

Reports

Security News

Infographics

Whitepapers

Explore Our Ransomware Threats Report

Platform Overview

Brand Protection

Exposure Management

Cyber Threat Intelligence

Supply Chain Security

Technology Integrations

CONTACT US

About Us

Careers

News

Awards

Logos & Press Kit

Threat Intelligence Services

Brand Monitoring

Fraud Protection

VIP Security

Vulnerability Intelligence

Attack Surface Management

Preventing Data Leakage

Phishing Monitoring

Account Takeover Detection

Stolen Credit Cards

Dark Web Monitoring

Remediation and Takedown