all InfoSec news
SSA-900277 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0012 and V2024.0001
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Tecnomatix Plant Simulation contains a type confusion vulnerability that could be triggered when the application reads MODEL files. If a user is tricked to open a malicious file using the affected application, this could lead to a crash, and potentially also to arbitrary code execution on the target host system.
Siemens has released new versions for the affected products and recommends to update to the latest versions.
application arbitrary code arbitrary code execution code code execution crash file files malicious parsing simulation ssa type confusion using vulnerability