CNNVD-202511-994 Information
CNNVD ID
CNNVD-202511-994
Related CVE
- CNNVD Published: 2025-11-11
Description (Chinese)
Siemens Altair Grid Engine是美国Siemens公司的一个分布式资源管理系统。 Siemens Altair Grid Engine V2026.0.0之前版本存在代码问题漏洞,该漏洞源于加载共享库时未正确验证环境变量,可能导致通过恶意库替换进行路径劫持,从而以超级用户权限执行任意代码。
Description (English)
Siemens Altair Grid Engineering is a distributed resource management system for Siemens in the United States. The previous version of Siemens Altair Grid Engineering V2026.0.0 had a code problem loophole, which stemmed from the incorrect validation of environmental variables when loading the shared library, which could lead to route hijackings through the replacement of the malicious library, thus implementing arbitrary codes with super-user privileges.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
西门子
Published
2025-11-11
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-514895.html https://access.redhat.com/security/cve/cve-2025-40763
Patch
https://cert-portal.siemens.com/productcert/html/ssa-514895.html
Share on: