Tecnomatix Plant Sim V2201/V2302 NULPtr crash (CVE-2024-23801)
CVE-2024-23801 Published on February 13, 2024
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Weakness Type
NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.
Products Associated with CVE-2024-23801
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-23801 are published in Siemens Tecnomatix Plant Simulation:
Affected Versions
Siemens Tecnomatix Plant Simulation V2201:- Before * is affected.
- Before V2302.0007 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.