Out of Bounds Read Vulnerability in JT Open and JT Utilities by Siemens
CVE-2023-29053

7.8HIGH

Key Information:

Vendor: Siemens
Status: JT Open; JT Utilities
Vendor: CVE Published:; 11 April 2023

Summary

A vulnerability exists in JT Open and JT Utilities that allows an out of bounds read past the allocated structure's end when parsing specially crafted JT files. This flaw could be exploited by an attacker to execute arbitrary code in the context of the vulnerable application, posing significant security risks.

Affected Version(s)

JT Open All versions < V11.3.2.0

JT Utilities All versions < V13.3.0.0

References

https://cert-portal.siemens.com/productcert/pdf/ssa-64281...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2023
Vulnerability Reserved
Mar 30, 2023