Access of Uninitialized Pointer

CVE-2021-41538

Low

3.3/10

Summary

A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to information disclosure by unexpected access to an uninitialized pointer while parsing user-supplied OBJ files. An attacker could leverage this vulnerability to leak information from unexpected memory locations (ZDI-CAN-13770).

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-824 - Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

References

Advisory Timeline

Published Sep 28, 2021

Access of Uninitialized Pointer

CVE-2021-41538

Summary

CWE-824 - Access of Uninitialized Pointer

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS