Null Pointer Dereference Vulnerability in Siemens Visualization Products
CVE-2022-41280
3.3LOW
Key Information:
- Vendor
- Siemens
- Status
- Vendor
- CVE Published:
- 13 December 2022
Summary
A null pointer dereference vulnerability has been discovered in JT2Go and multiple versions of Teamcenter Visualization software from Siemens. The issue resides within the CGM_NIST_Loader.dll component when parsing specially crafted CGM files. Exploitation of this vulnerability can lead to a denial of service, potentially crashing the application and disrupting services reliant on these visualization tools.
Affected Version(s)
JT2Go All versions < V14.1.0.6
Teamcenter Visualization V13.2 All versions < V13.2.0.12
Teamcenter Visualization V13.3 All versions < V13.3.0.8
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved