<p>Affected products do not properly sanitize user-controllable input
when parsing project files. This could allow an attacker to cause a type
confusion and execute arbitrary code within the affected
application.</p>
<p>Siemens has released new versions for several affected products and
recommends to update to the latest versions. Siemens is preparing
further fix versions and recommends specific countermeasures for
products where fixes are not, or not yet available.</p>
Source link
