Vulnerability Description
PyAnsys Geometry is a Python client library for the Ansys Geometry service and other Ansys CAD products. In the file src/ansys/geometry/core/connection/product_instance.py, if the private method _start_program is called directly, its arguments can be abused to perform malicious operations on the machine where the script is run. This vulnerability is fixed in 0.3.3 and 0.4.12.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ansys | Pyansys Geometry | >= 0.3.0, < 0.3.3 |
Related Weaknesses (CWE)
References
- https://bandit.readthedocs.io/en/1.7.8/plugins/b602_subprocess_popen_with_shell_ (Technical Description)
- https://github.com/ansys/pyansys-geometry/blob/52cba1737a8a7812e5430099f715fa216 (Patch)
- https://github.com/ansys/pyansys-geometry/commit/902071701c4f3a8258cbaa46c28dc0a (Patch)
- https://github.com/ansys/pyansys-geometry/commit/f82346b9432b06532e84f3278125f58 (Patch)
- https://github.com/ansys/pyansys-geometry/pull/1076 (Issue Tracking)
- https://github.com/ansys/pyansys-geometry/pull/1077 (Issue Tracking)
- https://github.com/ansys/pyansys-geometry/security/advisories/GHSA-38jr-29fh-w9v (Exploit, Vendor Advisory)
FAQ
What is CVE-2024-29189?
CVE-2024-29189 is a vulnerability with a CVSS score of 7.4 (HIGH). PyAnsys Geometry is a Python client library for the Ansys Geometry service and other Ansys CAD products. In the file src/ansys/geometry/core/connection/product_instance.py, if the private method _start...
How severe is CVE-2024-29189?
CVE-2024-29189 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-29189?
Check the references section above for vendor advisories and patch information. Affected products include: Ansys Pyansys Geometry.