Tecnomatix Plant Simulation Siemens Tecnomatix Plant Simulation

  1. Vendors
  2. Siemens
  3. Tecnomatix Plant Simulation
Do you want an email whenever new security vulnerabilities are reported in Siemens Tecnomatix Plant Simulation?

By the Year

In 2024 there have been 10 vulnerabilities in Siemens Tecnomatix Plant Simulation with an average score of 7.1 out of ten. Last year Tecnomatix Plant Simulation had 35 security vulnerabilities published. Right now, Tecnomatix Plant Simulation is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.69

Year Vulnerabilities Average Score
2024 10 7.11
2023 35 7.80
2022 0 0.00
2021 3 7.80
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Tecnomatix Plant Simulation vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Siemens Tecnomatix Plant Simulation Security Vulnerabilities

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23802 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23803 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23804 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23795 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23796 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23797 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012)

CVE-2024-23798 7.8 - High - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23799 5.5 - Medium - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23800 5.5 - Medium - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions)

CVE-2024-23801 5.5 - Medium - February 13, 2024

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38071 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)

Memory Corruption

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38075 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)

Dangling pointer

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38074 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)

Object Type Confusion

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38070 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)

Memory Corruption

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38076 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)

Memory Corruption

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38073 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)

Object Type Confusion

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1)

CVE-2023-38072 7.8 - High - September 12, 2023

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27404 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20433)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27398 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20304)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27399 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20299, ZDI-CAN-20346)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27400 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20300)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27401 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20308, ZDI-CAN-20345)

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27402 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20334)

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27403 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory corruption vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20303, ZDI-CAN-20348)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27405 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20432)

Out-of-bounds Read

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-27406 7.8 - High - March 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20449)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24984 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19806)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24979 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19789)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24978 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19788)

Access of Uninitialized Pointer

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24991 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24990 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24989 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24988 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19810)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24987 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19809)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24986 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19808)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24985 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19807)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24983 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19805)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24982 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24981 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19791)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24980 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19790)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24996 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24995 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24994 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24993 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006)

CVE-2023-24992 7.8 - High - February 14, 2023

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814)

Memory Corruption

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5)

CVE-2021-27398 7.8 - High - May 12, 2021

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13290)

Stack Overflow

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5)

CVE-2021-27396 7.8 - High - May 12, 2021

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27398. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13279)

Stack Overflow

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5)

CVE-2021-27397 7.8 - High - May 12, 2021

A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13287)

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Siemens Tecnomatix Plant Simulation or by Siemens? Click the Watch button to subscribe.

Siemens
Vendor

Siemens Tecnomatix Plant Simulation
Product

subscribe