Out of Bounds Read Vulnerability in JT Utilities and JTTK by Siemens
CVE-2021-44444

3.3LOW

Key Information:

Vendor: Siemens
Status: Jt Utilities; Jttk
Vendor: CVE Published:; 14 December 2021

Summary

A significant vulnerability exists in JT Utilities and JTTK, where an out of bounds read can occur when processing specially crafted JT files. This flaw allows attackers to potentially leak sensitive information within the context of the current process. Users of JT Utilities prior to version 13.1.1.0 and JTTK prior to version 11.1.1.0 are particularly at risk and are advised to update their software to mitigate risks associated with this issue.

Affected Version(s)

JT Utilities All versions < V13.1.1.0

JTTK All versions < V11.1.1.0

References

https://cert-portal.siemens.com/productcert/pdf/ssa-80257...

x_refsource_MISC

http://packetstormsecurity.com/files/167317/Microsoft-Off...

x_refsource_MISC

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 14, 2021
Vulnerability Reserved
Nov 30, 2021