CVE-2021-46157
09.02.2022, 16:15
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14757)Enginsight
| Vendor | Product | Version |
|---|---|---|
| siemens | simcenter_femap | 2020.2 |
| siemens | simcenter_femap | 2020.2:maintenance_pack1 |
| siemens | simcenter_femap | 2020.2:maintenance_pack2 |
| siemens | simcenter_femap | 2020.2:maintenance_pack3 |
| siemens | simcenter_femap | 2021.1 |
| siemens | simcenter_femap | 2021.1:maintenance_pack1 |
| siemens | simcenter_femap | 2021.1:maintenance_pack2 |
| siemens | simcenter_femap | 2021.1:maintenance_pack3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.