Out of Bounds Read Vulnerability in JT2Go and Teamcenter Visualization by Siemens
CVE-2022-41284
7.8HIGH
Key Information:
- Vendor
- Siemens
- Status
- Vendor
- CVE Published:
- 13 December 2022
Summary
A vulnerability exists in the CGM_NIST_Loader.dll associated with JT2Go and various versions of Teamcenter Visualization. This out of bounds read vulnerability arises while parsing CGM files, potentially allowing an attacker to exploit the flaw to execute arbitrary code within the context of the affected process. Users of vulnerable versions are strongly advised to update their software to mitigate risks associated with this vulnerability.
Affected Version(s)
JT2Go All versions < V14.1.0.6
Teamcenter Visualization V13.2 All versions < V13.2.0.12
Teamcenter Visualization V13.3 All versions < V13.3.0.8
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved