CVE-2025-23396 Information
Mar 12, 2025
cve
Description
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13) Teamcenter Visualization V2312 (All versions < V2312.0009) Teamcenter Visualization V2406 (All versions < V2406.0007) Teamcenter Visualization V2412 (All versions < V2412.0002) Tecnomatix Plant Simulation V2302 (All versions < V2302.0021) Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
https://cert-portal.siemens.com/productcert/html/ssa-050438.html
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: