CVE-2024-54095

A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Published: Dec 10, 2024
Updated: May 4, 2025
CVE: CVE-2024-54095
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-191

Affected Software
References

Software	From	Fixed in
siemens / solid_edge_se2024	224.0-update_0001	224.0-update_0001.x
siemens / solid_edge_se2024	224.0-update_0002	224.0-update_0002.x
siemens / solid_edge_se2024	-	224.0
siemens / solid_edge_se2024	224.0	224.0.x
siemens / solid_edge_se2024	224.0-update_0003	224.0-update_0003.x
siemens / solid_edge_se2024	224.0-update_0004	224.0-update_0004.x
siemens / solid_edge_se2024	224.0-update_0005	224.0-update_0005.x
siemens / solid_edge_se2024	224.0-update_0006	224.0-update_0006.x
siemens / solid_edge_se2024	224.0-update_0007	224.0-update_0007.x
siemens / solid_edge_se2024	224.0-update_0008	224.0-update_0008.x
siemens / solid_edge_se2024	224.0-update_0009	224.0-update_0009.x

https://cert-portal.siemens.com/productcert/html/ssa-730188.html

Vulnerability Database

290,020

CVE-2024-54095