{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T20:32:50.964","vulnerabilities":[{"cve":{"id":"CVE-2022-28661","sourceIdentifier":"productcert@siemens.com","published":"2022-04-12T09:15:15.283","lastModified":"2024-11-21T06:57:40.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15114)"},{"lang":"es","value":"Se ha identificado una vulnerabilidad en Simcenter Femap (todas las versiones anteriores a V2022.1.2). La aplicación afectada contiene una lectura fuera de límites más allá del final de un búfer asignado mientras analiza archivos .NEU especialmente diseñados. Esto podría permitir a un atacante ejecutar código en el contexto del proceso actual. (ZDI-CAN-15114)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*","versionEndExcluding":"2022.1.2","matchCriteriaId":"032F9B6A-D966-4F82-ACE9-5DCD591A170C"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-998762.pdf","source":"productcert@siemens.com","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-998762.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Patch","Vendor Advisory"]}]}}]}