SSA-258494 V1.0: Stack Overflow Vulnerability in Simcenter Nastran before 2406.90 | allinfosecnews.com

May 14, 2024, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Simcenter Nastran is affected by a stack overflow vulnerability that could be triggered when an application binary reads arbitrary string as a file argument. If a user is tricked to run one of the impacted application binary with a malicious string, an attacker could leverage the vulnerability to perform remote code execution in the context of the current process.

Siemens has released a new version for Simcenter Nastran 2406 and recommends to update to the latest version. Siemens recommends countermeasures …

application argument attacker binary file malicious overflow run ssa stack stack overflow vulnerability

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-923361 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0011 3 weeks, 6 days ago | cert-portal.siemens.com

application arbitrary code arbitrary code execution code +9

SSA-871704 V1.0: Multiple Vulnerabilities in SICAM Products 3 weeks, 6 days ago | cert-portal.siemens.com

code code execution device escalation +14

SSA-925850 V1.0: Improper Access Control in Polarion ALM 3 weeks, 6 days ago | cert-portal.siemens.com

access access control access controls apache +11

SSA-976324 V1.0: Multiple IGS File Parsing Vulnerabilities in PS/IGES Parasolid Translator Component before V27.1.215 3 weeks, 6 days ago | cert-portal.siemens.com

application crash file files +6

SSA-953710 V1.0: Vulnerabilities in the Network Communication Stack in Desigo Fire Safety UL and Cerberus … 3 weeks, 6 days ago | cert-portal.siemens.com

access attacker buffer buffer overflow +17

SSA-916916 V1.0: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5 3 weeks, 6 days ago | cert-portal.siemens.com

application arbitrary files attacker attacks +18

SSA-935500 V1.1 (Last Update: 2024-05-14): Denial of Service Vulnerability in FTP Server of Nucleus RTOS … 3 weeks, 6 days ago | cert-portal.siemens.com

countermeasures fix fixes latest +6

SSA-962515 V1.0: Out of Bounds Read Vulnerability in Industrial Products 3 weeks, 6 days ago | cert-portal.siemens.com

attacker blue bsod crash +13

SSA-661579 V1.0: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go 3 weeks, 6 days ago | cert-portal.siemens.com

application crash file files +7

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com