Headline
CVE-2022-27653
A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15594)
Related news
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.