ID

VAR-202109-1792


CVE

CVE-2021-41535


TITLE

Siemens Solid Edge Viewer OBJ File Parsing Use-After-Free Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-21-1119

DESCRIPTION

A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process (ZDI-CAN-13771). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of OBJ files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.16

sources: NVD: CVE-2021-41535 // ZDI: ZDI-21-1119 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-41535

AFFECTED PRODUCTS

vendor:siemensmodel:nx 1969scope:ltversion:1973.3700

Trust: 1.0

vendor:siemensmodel:nx 1984scope:ltversion:1984

Trust: 1.0

vendor:siemensmodel:nx 1961scope:ltversion:1973.3700

Trust: 1.0

vendor:siemensmodel:nx 1965scope:ltversion:1973.3700

Trust: 1.0

vendor:siemensmodel:solid edgescope:eqversion:se2021

Trust: 1.0

vendor:siemensmodel:solid edgescope:ltversion:se2021

Trust: 1.0

vendor:siemensmodel:nx 1988scope:ltversion:1984

Trust: 1.0

vendor:siemensmodel:nx 1957scope:ltversion:1973.3700

Trust: 1.0

vendor:siemensmodel:solid edge viewerscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-1119 // NVD: CVE-2021-41535

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-41535
value: HIGH

Trust: 1.0

ZDI: CVE-2021-41535
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202109-1837
value: HIGH

Trust: 0.6

VULMON: CVE-2021-41535
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-41535
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: CVE-2021-41535
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2021-41535
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-1119 // VULMON: CVE-2021-41535 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-1837 // NVD: CVE-2021-41535

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

sources: NVD: CVE-2021-41535

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202109-1837

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: NVD: CVE-2021-41535

PATCH

title: - url:https://www.siemens.com/cert/advisories/https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf

Trust: 0.7

title:Siemens Solid Edge Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164366

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=3b85ee03e935aff52e55e7402b3926a1

Trust: 0.1

sources: ZDI: ZDI-21-1119 // VULMON: CVE-2021-41535 // CNNVD: CNNVD-202109-1837

EXTERNAL IDS

db:NVDid:CVE-2021-41535

Trust: 2.4

db:ZDIid:ZDI-21-1119

Trust: 2.4

db:SIEMENSid:SSA-728618

Trust: 1.7

db:SIEMENSid:SSA-328042

Trust: 1.6

db:ZDI_CANid:ZDI-CAN-13771

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021092905

Trust: 0.6

db:CS-HELPid:SB2021111007

Trust: 0.6

db:AUSCERTid:ESB-2021.3454

Trust: 0.6

db:AUSCERTid:ESB-2021.3874

Trust: 0.6

db:ICS CERTid:ICSA-21-315-08

Trust: 0.6

db:ICS CERTid:ICSA-21-287-06

Trust: 0.6

db:CNNVDid:CNNVD-202109-1837

Trust: 0.6

db:VULMONid:CVE-2021-41535

Trust: 0.1

sources: ZDI: ZDI-21-1119 // VULMON: CVE-2021-41535 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-1837 // NVD: CVE-2021-41535

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-1119/

Trust: 2.4

url:https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf

Trust: 1.6

url:https://www.siemens.com/cert/advisories/https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdf

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-287-06

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3874

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3454

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-41535

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092905

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-315-08

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111007

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/416.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-21-1119 // VULMON: CVE-2021-41535 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-1837 // NVD: CVE-2021-41535

CREDITS

xina1i

Trust: 1.3

sources: ZDI: ZDI-21-1119 // CNNVD: CNNVD-202109-1837

SOURCES

db:ZDIid:ZDI-21-1119
db:VULMONid:CVE-2021-41535
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202109-1837
db:NVDid:CVE-2021-41535

LAST UPDATE DATE

2022-05-04T07:50:56.011000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-1119date:2021-09-30T00:00:00
db:VULMONid:CVE-2021-41535date:2021-10-01T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202109-1837date:2021-11-18T00:00:00
db:NVDid:CVE-2021-41535date:2021-11-28T23:22:00

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-1119date:2021-09-30T00:00:00
db:VULMONid:CVE-2021-41535date:2021-09-28T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202109-1837date:2021-09-28T00:00:00
db:NVDid:CVE-2021-41535date:2021-09-28T12:15:00