CNNVD-202507-3025 Information

CNNVD ID

CNNVD-202507-3025

Related CVE

CVE-2025-33076

• CNNVD Published: 2025-07-23

Description (Chinese)

IBM Engineering Systems Design Rhapsody是美国国际商业机器（IBM）公司的IBM Engineering 产品组合的一部分。它为支持 UML、SysML、UAF 和 AUTOSAR 的系统工程师提供协作设计开发和测试环境。 IBM Engineering Systems Design Rhapsody 9.0.2版本和10.0版本和10.0.1版本存在缓冲区错误漏洞，该漏洞源于边界检查不当，可能导致栈缓冲区溢出和任意代码执行。

Description (English)

IBM Engineering Systems Designing Rhapsody is part of the IBM Engineering product portfolio of IBM. It provides a collaborative design development and testing environment to support systems engineers in UML, SysML, UAF and AUTOSAR. IBM Engineering Systems Designer, version 9.0.2, version 10.0 and version 10.0 and version 10.0 have an error loophole in the buffer zone, which stems from inadequate border checks, which may lead to spills and arbitrary code enforcement of the silo buffer zone.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

国际商业机器

Published

2025-07-23

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7240368

Patch

https://www.ibm.com/support/pages/node/7240368