CVE-2023-38524
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk9th percentile — higher than 9% of all known CVEs
Summary
A vulnerability has been identified in Parasolid and Teamcenter Visualization applications, present in versions earlier than specified. The issue involves null pointer dereference while parsing specially crafted X_T files, which could allow an attacker to execute code in the context of the current process.
Risk Assessment
This vulnerability poses a risk of malicious code execution, potentially leading to system compromise or data leakage. Organizations should be aware of the potential threats associated with using outdated software versions.
Recommendation
It is recommended to update to the latest versions of Parasolid and Teamcenter Visualization to mitigate the risks associated with this vulnerability. Regular monitoring and updating of software should be part of the IT security strategy.
Original NVD description (English source)
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

