CVE-2021-37180
Published: 10 August 2021
Summary
CVE-2021-37180 is a high-severity Access of Uninitialized Pointer (CWE-824) vulnerability in Siemens Solid Edge Se2021 Firmware. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 40.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-23754
Vulnerability details
A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage…
more
this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.