Vulnerability Description
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703).
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Solid Edge | < se2021 |
| Siemens | Nx 1984 Firmware | < 1984 |
| Siemens | Nx 1984 | - |
| Siemens | Nx 1988 Firmware | < 1984 |
| Siemens | Nx 1988 | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdfPatchVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdfPatchVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-1118/Third Party AdvisoryVDB Entry
- https://cert-portal.siemens.com/productcert/pdf/ssa-728618.pdfPatchVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdfPatchVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-1118/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2021-41534?
CVE-2021-41534 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end...
How severe is CVE-2021-41534?
CVE-2021-41534 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-41534?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Solid Edge, Siemens Nx 1984 Firmware, Siemens Nx 1984, Siemens Nx 1988 Firmware, Siemens Nx 1988.