CVE-2021-37180 · CVEKit

cve.orgen

358 chars

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)

NVDen

358 chars

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)

NVDes

440 chars

Se ha identificado una vulnerabilidad en Solid Edge versión SE2021 (Todas las versiones anteriores a SE2021MP7). La biblioteca PSKERNEL.dll carece de una comprobación apropiada mientras analiza los archivos OBJ suministrados por el usuario, lo que podría causar un acceso fuera de límites a un puntero no inicializado. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del proceso actual. (ZDI-CAN-13775)

CVSS metrics across sources

2

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H