CVE-2024-47196 in ModelSimИнформация

Сводка

по MITRE • 08.10.2024

A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Siemens

Резервировать

20.09.2024

Раскрытие

08.10.2024

Модерация

принято

Вход

VDB-279613

CPE

готов

CWE

CWE-427 (Подтверждённый)

CVSS

7.3 (NVD)

EPSS

0.00074

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-47196
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-47196
CVE Details	https://www.cvedetails.com/cve/CVE-2024-47196/

◂ Предыдущий Обзор Далее ▸

Do you need the next level of professionalism?

Upgrade your account now!