Severity
High
Analysis Summary
CVE-2024-32059 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
CVE-2024-32058 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
CVE-2024-32061 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-32059
- CVE-2024-32058
- CVE-2024-32061
Affected Vendors
Affected Products
- Siemens PS/IGES Parasolid Translator Component 27.1
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.