{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-49126", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "state": "PUBLISHED", "assignerShortName": "siemens", "dateReserved": "2023-11-22T14:50:33.102Z", "datePublished": "2024-01-09T09:59:57.599Z", "dateUpdated": "2025-08-27T20:49:34.090Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2024-01-09T09:59:57.599Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."}], "affected": [{"vendor": "Siemens", "product": "Solid Edge SE2023", "versions": [{"version": "All versions < V223.0 Update 10", "status": "affected"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:46:29.128Z"}, "title": "CVE Program Container", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-01-23T05:01:37.613757Z", "id": "CVE-2023-49126", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T20:49:34.090Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:46:29.128Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-49126", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-01-23T05:01:37.613757Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T20:49:31.534Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}], "affected": [{"vendor": "Siemens", "product": "Solid Edge SE2023", "versions": [{"status": "affected", "version": "All versions < V223.0 Update 10"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2024-01-09T09:59:57.599Z"}}}, "cveMetadata": {"cveId": "CVE-2023-49126", "state": "PUBLISHED", "dateUpdated": "2025-08-27T20:49:34.090Z", "dateReserved": "2023-11-22T14:50:33.102Z", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "datePublished": "2024-01-09T09:59:57.599Z", "assignerShortName": "siemens"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:*:*:*:*:*:*:*:*", "matchCriteriaId": "6708C521-2523-4FFE-8D66-01386DF0FAAF", "versionEndExcluding": "223.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:-:*:*:*:*:*:*", "matchCriteriaId": "E0ADA2C0-4AA2-4FDB-AB71-2C905106A68F", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0001:*:*:*:*:*:*", "matchCriteriaId": "619B13A0-ADF3-4CC9-A5BD-6C99AE369D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0002:*:*:*:*:*:*", "matchCriteriaId": "E4C4B3EA-853A-4C75-AA5F-319E2802A722", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0003:*:*:*:*:*:*", "matchCriteriaId": "28C04B66-7E6F-49E6-B7A9-E7357ADE5936", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0004:*:*:*:*:*:*", "matchCriteriaId": "99A72C67-00A3-499A-9DDC-73AD29672A08", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0005:*:*:*:*:*:*", "matchCriteriaId": "9C7B34D6-925F-4DB9-8418-962F35FE11C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0006:*:*:*:*:*:*", "matchCriteriaId": "211C7830-D4B9-4315-BDE8-F108FF6A609C", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0007:*:*:*:*:*:*", "matchCriteriaId": "52647713-2F45-4D35-B31A-5BB2E15175EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0008:*:*:*:*:*:*", "matchCriteriaId": "4378378B-BAEA-4200-9336-936835322DF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge_se2023:223.0:update_0009:*:*:*:*:*:*", "matchCriteriaId": "57968030-2B5F-41C1-B8B4-2405C84E3A06", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Solid Edge SE2023 (todas las versiones "}], "id": "CVE-2023-49126", "lastModified": "2024-11-21T08:32:53.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "productcert@siemens.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-09T10:15:17.997", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "productcert@siemens.com", "type": "Secondary"}]}

{}

{}