CVE-2021-27382
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-27382
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13040)
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens Solid Edge 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens Solid Edge是德国Siemens公司的一款三维CAD软件。该软件可用于零件设计、装配设计、钣金设计、焊接设计等行业。 Siemens Solid Edge存在缓冲区错误漏洞,该漏洞源于程序在分析PAR文件时缺少对用户提供的数据的正确验证,远程攻击者可以用该漏洞在程序上执行任意代码。以下产品或版本受到影响:Solid Edge SE2020MP13、Solid Edge SE2021MP4。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Siemens | Solid Edge SE2020 | All versions < SE2020MP13 | - | |
| Siemens | Solid Edge SE2020 | All versions < SE2020MP14 | - | |
| Siemens | Solid Edge SE2021 | All Versions < SE2021MP4 | - |
II. Public POCs for CVE-2021-27382
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-27382
请登录查看更多情报信息。
- https://www.zerodayinitiative.com/advisories/ZDI-21-612/x_refsource_MISC
- https://us-cert.cisa.gov/ics/advisories/icsa-21-103-06x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2021-27382
Same Patch Batch · Siemens · 2021-04-22 · 19 CVEs total
| CVE-2020-25244 | 8.4 HIGH | Siemens LOGO! Soft Comfort 代码问题漏洞 |
| CVE-2020-27009 | 8.1 HIGH | 多款Siemens产品 缓冲区错误漏洞 |
| CVE-2020-15795 | 8.1 HIGH | 多款siemens产品 缓冲区错误漏洞 |
| CVE-2021-25663 | 7.5 HIGH | Siemens Nucleus 安全漏洞 |
| CVE-2021-25664 | 7.5 HIGH | Siemens Nucleus 安全漏洞 |
| CVE-2020-27737 | 6.5 MEDIUM | 多款siemens产品 缓冲区错误漏洞 |
| CVE-2020-27736 | 6.5 MEDIUM | 多款siemens产品 缓冲区错误漏洞 |
| CVE-2020-27738 | 6.5 MEDIUM | 多款siemens产品 缓冲区错误漏洞 |
| CVE-2021-25677 | 5.3 MEDIUM | 多款Siemens产品 安全特征问题漏洞 |
| CVE-2020-25243 | 5.1 MEDIUM | Siemens LOGO! Soft Comfort 路径遍历漏洞 |
| CVE-2021-25668 | Siemens Web Server缓冲区错误漏洞 | |
| CVE-2021-25669 | Siemens Web Server 缓冲区错误漏洞 | |
| CVE-2021-27393 | Nucleus ReadyStart安全特征问题漏洞 | |
| CVE-2021-27392 | Siemens Open Network Bridge 信任管理问题漏洞 | |
| CVE-2020-26997 | Siemens Solid Edge 安全漏洞 | |
| CVE-2021-27389 | Siemens Digital Industries Software Opcenter Quality 安全漏洞 | |
| CVE-2021-25678 | Siemens Solid Edge 缓冲区错误漏洞 | |
| CVE-2021-25670 | siemens Tecnomatix RobotExpert 缓冲区错误漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-121
- CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo - CVE-2026-8234
EFM ipTIME A8004T WifiBasicSet formWifiBasicSet stack-based - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-41509
Integer underflow in crypto_sign_open() leads to buffer over - CVE-2026-8138
Tenda CX12L SetPptpServerCfg” formSetPPTPServer stack-based
V. Comments for CVE-2021-27382
No comments yet