Daenni 0 Posted February 22 Share Posted February 22 Hi at all, there is a new Security Advisory behind this link. Copied Text: Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to crash the application, extract data or potentially lead to arbitrary code execution. It is possible to detect this malicious files with ESET AV or ESET Cloud LiveGrid? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,614 Posted February 23 Administrators Share Posted February 23 You are probably referring to CVE-2023-24553. Since I could not find any detection name with that CVE number, I assume that we have not seen actual malware or PoC exploiting the vulnerability yet. Quote Link to comment Share on other sites More sharing options...
itman 1,510 Posted February 23 Share Posted February 23 Refer to this Siemens publication for mitigations to this current and past Solid Edge vulnerabilities: https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf . Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.