Nov. 14, 2023, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-38070.

arbitrary code attackers buffer buffer overflow code code execution cvss exploit file malicious overflow page parsing remote code remote code execution siemens simulation stack target vulnerability zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

Cloud Support Engineer

@ General Dynamics Information Technology | USA UT Roy - 5770 Missile Way, Roy, UT 84067 (UTC018)

Senior SIEM Developer (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

Director, Product Management (Cloud Application Security)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

Cyber Security Specialist, Cyber Awareness Training & Strategic Projects

@ Grab | Petaling Jaya, Malaysia

Cyber Security Analyst (m/f/d)

@ Project A | Berlin

Cyber Security Analyst (m/w/d)

@ Project A | Berlin