CVE-2023-39419

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process.

Published: Aug 8, 2023
Updated: Aug 16, 2023
CVE: CVE-2023-39419
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
siemens / solid_edge	se2023	se2023.x

https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf

Vulnerability Database

289,784

CVE-2023-39419