CVE Vulnerabilities

CVE-2024-22043

NULL Pointer Dereference

Published: Feb 13, 2024 | Modified: Nov 21, 2024
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted XT files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

Name Vendor Start Version End Version
Parasolid Siemens 35.0 (including) 35.0.251 (excluding)
Parasolid Siemens 35.1 (including) 35.1.170 (excluding)

Potential Mitigations

References