CVE-2024-32058

A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21563)

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-064222.html	Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-976324.html	Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-064222.html	Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-976324.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:ps\/iges_parasolid_translator::::::::
	cpe:2.3:a:siemens:simcenter_femap::::::::

History

20 Aug 2025, 16:26

Type	Values Removed	Values Added
First Time		Siemens Siemens ps\/iges Parasolid Translator Siemens simcenter Femap
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-064222.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-064222.html - Vendor Advisory
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-976324.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-976324.html - Vendor Advisory
CPE		cpe:2.3:a:siemens:ps\/iges_parasolid_translator:::::::: cpe:2.3:a:siemens:simcenter_femap::::::::

21 Nov 2024, 09:14

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-064222.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-064222.html -
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-976324.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-976324.html -

09 Jul 2024, 12:15

Type	Values Removed	Values Added
References		() https://cert-portal.siemens.com/productcert/html/ssa-064222.html -
Summary		(es) Se ha identificado una vulnerabilidad en el componente PS/IGES Parasolid Translator (todas las versiones
Summary	(en) A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V27.1.215). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21563)	(en) A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21563)

14 May 2024, 16:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-14 16:16

Updated : 2025-08-20 16:26

NVD link : CVE-2024-32058

Mitre link : CVE-2024-32058

CVE.ORG link : CVE-2024-32058

JSON object : View

Products Affected

siemens

simcenter_femap
ps\/iges_parasolid_translator

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

7.8 /10