all InfoSec news
SSA-258494 V1.0: Stack Overflow Vulnerability in Simcenter Nastran before 2406.90
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Simcenter Nastran is affected by a stack overflow vulnerability that could be triggered when an application binary reads arbitrary string as a file argument. If a user is tricked to run one of the impacted application binary with a malicious string, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.
Siemens has released a new version for Simcenter Nastran 2406 and recommends to update to the latest version. Siemens recommends countermeasures …
application argument attacker binary file malicious overflow run ssa stack stack overflow vulnerability