CNNVD-202602-1648 Information
CNNVD ID
CNNVD-202602-1648
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
Siemens Simcenter Femap和Siemens Simcenter Nastran都是德国西门子(Siemens)公司的产品。Siemens Simcenter Femap是一款尖端工程学仿真应用程序。用于创建、编辑和导入/重用复杂产品或系统基于网格的有限元分析模型。Siemens Simcenter Nastran是一流的有限元方法 (FEM) 求解器,旨在提高计算性能、准确性和可靠性。 Siemens Simcenter Femap V2512之前版本和Simcenter Nastran V2512之前版本存在缓冲区错误漏洞,该漏洞源于解析特制XDB文件时存在越界写入,可能导致攻击者在当前进程环境中执行代码。
Description (English)
Siemens Simcenter Femap and Siemens Simcenter Nastran are products of Siemens, Germany. Siemens Simpson Femap is a sophisticated engineering simulation application. Limited meta-analysis models for creating, editing and importing/reusing complex products or systems based on grids. Siemens Simpson Nastran is a first-class, limited-utility (FEM) solver designed to improve computing performance, accuracy and reliability. Pre-Siemens Simcenter Femap V2512 and pre-Simcenter Nastran V2512 had an error loophole in the buffer zone, which stemmed from cross-border writing at the time of the deconstruction of the XDB document, which could lead to code implementation by the attackers in the current process environment.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
西门子
Published
2026-02-10
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-965753.html https://access.redhat.com/security/cve/cve-2026-23715
Patch
https://cert-portal.siemens.com/productcert/html/ssa-965753.html
Share on: