Daenni 0 Posted February 22, 2023 Share Posted February 22, 2023 Hi at all, there is a new Security Advisory behind this link. Copied Text: Solid Edge is affected by multiple memory corruption vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as X_B, DWG, DXF, STL, STP, SLDPRT and PAR format. If a user is tricked to open a malicious file with the affected applications, an attacker could leverage the vulnerability to crash the application, extract data or potentially lead to arbitrary code execution. It is possible to detect this malicious files with ESET AV or ESET Cloud LiveGrid? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted February 23, 2023 Administrators Share Posted February 23, 2023 You are probably referring to CVE-2023-24553. Since I could not find any detection name with that CVE number, I assume that we have not seen actual malware or PoC exploiting the vulnerability yet. Link to comment Share on other sites More sharing options...
itman 1,748 Posted February 23, 2023 Share Posted February 23, 2023 Refer to this Siemens publication for mitigations to this current and past Solid Edge vulnerabilities: https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf . Link to comment Share on other sites More sharing options...
Recommended Posts