November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
November 21, 2022Rewterz Threat Advisory – CVE-2022-27638 – Intel Advanced Link Analyzer Pro and Standard edition software Vulnerability
November 21, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
November 21, 2022Rewterz Threat Advisory – CVE-2022-27638 – Intel Advanced Link Analyzer Pro and Standard edition software Vulnerability
November 21, 2022
Severity
High
Analysis Summary
CVE-2022-39157
The specific flaw exists within the parsing of X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-39157
Affected Vendors
Siemens
Affected Products
- Parasolid V34.0: versions prior to V34.0.252
- Parasolid V34.0: versions prior to V34.0.254
- Parasolid V34.1: versions prior to V34.1.242
- Parasolid V34.1: versions prior to V34.1.244
- Parasolid V35.0: versions prior to V35.0.184
- Parasolid V35.0: versions prior to V35.0.170
Remediation
Refer to CISA-CERT Advisory for the patch, upgrade, or suggested workaround information.
CISA-CERT Advisory