Siemens Product Security Update Advisory

Oct 18 2024

Overview

An update has been released to address vulnerabilities in Siemens Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-47194, CVE-2024-47195, CVE-2024-47196

ModelSim versions: ~ 2024.3 (excluded)
Questa versions: ~ 2024.3 (excluded)

Resolved Vulnerabilities

Vulnerability that allows local attackers to load arbitrary DLL files from a user-writable directory to escalate privileges (CVE-2024-47194)

Vulnerability that could allow a local attacker to load an arbitrary executable file from a user writable directory and escalate privileges (CVE-2024-47195)

Vulnerability in user writable directories that could allow local attackers to inject arbitrary code and escalate privileges (CVE-2024-47196)

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-47194, CVE-2024-47195, CVE-2024-47196

ModelSim version: 2024.version 3 or later version
Questa version: 2024.3 or later version

Referenced Sites

[1] SSA-426509: Multiple Local Code Execution Vulnerabilities in Questa and ModelSim Before V2024.3

https://cert-portal.siemens.com/productcert/html/ssa-426509.html

Siemens Product Security Update Advisory

Microsoft Edge browser (130.0.6723.59) version security update advisory

Grafana Security Update Advisory (CVE-2024-9264)

Tags:

Microsoft Edge browser (130.0.6723.59) version security update advisory

Grafana Security Update Advisory (CVE-2024-9264)