Details of VAR-202310-0157

ID

VAR-202310-0157

CVE

CVE-2023-45601

TITLE

Siemens' parasolid and tecnomatix Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-013979

DESCRIPTION

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290). Siemens' parasolid and tecnomatix Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of IGS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer

Trust: 2.25

sources: NVD: CVE-2023-45601 // JVNDB: JVNDB-2023-013979 // ZDI: ZDI-23-1577

AFFECTED PRODUCTS

vendor:	siemens	model:	tecnomatix	scope:	lt	version:	2201.0009	Trust: 1.0
vendor:	siemens	model:	parasolid	scope:	lt	version:	36.0.169	Trust: 1.0
vendor:	siemens	model:	tecnomatix	scope:	gte	version:	2201	Trust: 1.0
vendor:	siemens	model:	parasolid	scope:	lt	version:	35.1.250	Trust: 1.0
vendor:	siemens	model:	parasolid	scope:	gte	version:	35.0	Trust: 1.0
vendor:	siemens	model:	parasolid	scope:	gte	version:	36.0	Trust: 1.0
vendor:	siemens	model:	tecnomatix	scope:	gte	version:	2302	Trust: 1.0
vendor:	siemens	model:	parasolid	scope:	lt	version:	35.0.262	Trust: 1.0
vendor:	siemens	model:	tecnomatix	scope:	lt	version:	2302.0003	Trust: 1.0
vendor:	siemens	model:	parasolid	scope:	gte	version:	35.1	Trust: 1.0
vendor:	シーメンス	model:	tecnomatix	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	parasolid	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	tecnomatix plant simulation	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-23-1577 // JVNDB: JVNDB-2023-013979 // NVD: CVE-2023-45601

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-45601
value:	HIGH
Trust: 1.0
productcert@siemens.com:	CVE-2023-45601
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-45601
value:	HIGH
Trust: 0.8
ZDI:	CVE-2023-45601
value:	HIGH
Trust: 0.7

nvd@nist.gov:	CVE-2023-45601
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2023-45601
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2023-45601
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-1577 // JVNDB: JVNDB-2023-013979 // NVD: CVE-2023-45601 // NVD: CVE-2023-45601

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-787	Trust: 1.0
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-013979 // NVD: CVE-2023-45601

PATCH

title:

Siemens has issued an update to correct this vulnerability.

url:

https://cert-portal.siemens.com/productcert/html/ssa-524778.html

Trust: 0.7

sources: ZDI: ZDI-23-1577

EXTERNAL IDS

db:	NVD	id:	CVE-2023-45601	Trust: 3.3
db:	SIEMENS	id:	SSA-524778	Trust: 1.8
db:	JVN	id:	JVNVU98753493	Trust: 0.8
db:	JVNDB	id:	JVNDB-2023-013979	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-21290	Trust: 0.7
db:	ZDI	id:	ZDI-23-1577	Trust: 0.7

sources: ZDI: ZDI-23-1577 // JVNDB: JVNDB-2023-013979 // NVD: CVE-2023-45601

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf	Trust: 1.8
url:	https://jvn.jp/vu/jvnvu98753493/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-45601	Trust: 0.8
url:	https://cert-portal.siemens.com/productcert/html/ssa-524778.html	Trust: 0.7

sources: ZDI: ZDI-23-1577 // JVNDB: JVNDB-2023-013979 // NVD: CVE-2023-45601

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-23-1577

SOURCES

db:	ZDI	id:	ZDI-23-1577
db:	JVNDB	id:	JVNDB-2023-013979
db:	NVD	id:	CVE-2023-45601

LAST UPDATE DATE

2024-08-14T13:19:43.792000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-1577	date:	2023-10-19T00:00:00
db:	JVNDB	id:	JVNDB-2023-013979	date:	2023-12-22T05:15:00
db:	NVD	id:	CVE-2023-45601	date:	2023-10-12T00:44:25.833

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-1577	date:	2023-10-19T00:00:00
db:	JVNDB	id:	JVNDB-2023-013979	date:	2023-12-22T00:00:00
db:	NVD	id:	CVE-2023-45601	date:	2023-10-10T11:15:13.247