This content is restricted.
Brief
Summary:
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. The summary below provides information on a vulnerability in Siemens' Parasolid product.
Vulnerability Details:
CVSS v3 score: 7.8
Attack complexity: Low
Vendor: Siemens
Equipment: Parasolid
Vulnearbilities: Out-of-bounds Read, NULL Pointer Dereference
Affected Products:
Parasolid V35.0: all versions prior to V35.0.263
Parasolid V35.0: all versions prior to V35.0.251
Parasolid V35.1: all versions prior to V35.1.252
Parasolid V35.1: all versions prior to V35.1.170
Parasolid V36.0: all versions prior to V36.0.198
Remediation:
Update to the latest versions: V35.0.263, V35.1.252, or V36.0.198
Do not open untrusted XT files in Parasolid
Apply specific workarounds and mitigations recommended by Siemens
Additional Information:
CVE-2023-49125 and CVE-2024-22043 have been assigned to these vulnerabilities
* CISA recommends users take defensive measures to minimize the risk of exploitation, perform impact analysis and risk assessment prior to deploying defensive measures, and implement recommended cybersecurity strategies for proactive defense of ICS assets.
Highlights content goes here...
This content is restricted.
RADA.AI
Hello! I'm RADA.AI - Regulatory Analysis and Decision Assistance. Your Intelligent guide for compliance and decision-making. How can i assist you today?
Suggested
