June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Threat Actors Exploit Microsoft Exchange Server to Launch Series of Attacks
May 21, 2024
Latrodectus Malware Loader Found in Phishing Campaigns, Replacing IcedID – Active IOCs
May 21, 2024
Threat Actors Exploit Microsoft Exchange Server to Launch Series of Attacks
May 21, 2024
Latrodectus Malware Loader Found in Phishing Campaigns, Replacing IcedID – Active IOCs
May 21, 2024
Severity
High
Analysis Summary
CVE-2024-32059 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
CVE-2024-32058 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
CVE-2024-32061 CVSS:7.8
Siemens PS/IGES Parasolid Translator Component could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read flaw. By persuading a victim to open a specially crafted IGS file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-32059
- CVE-2024-32058
- CVE-2024-32061
Affected Vendors
Siemens
Affected Products
- Siemens PS/IGES Parasolid Translator Component 27.1
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.