Stack Overflow Vulnerability in JT2Go and Teamcenter Visualization by Siemens
CVE-2023-51745

7.8HIGH

Key Information:

Vendor: Siemens
Status: JT2Go; Teamcenter Visualization V13.3; Teamcenter Visualization V14.1; Teamcenter Visualization V14.2
Vendor: CVE Published:; 9 January 2024

Summary

A stack overflow vulnerability has been discovered in JT2Go and Teamcenter Visualization applications from Siemens. This issue arises while processing specially crafted CGM files, potentially allowing an attacker to execute arbitrary code within the context of the affected process. The vulnerability impacts various versions of JT2Go and Teamcenter Visualization, emphasizing the need for users to update to the latest secure versions to mitigate any risks.

Affected Version(s)

JT2Go All versions < V14.3.0.6

Teamcenter Visualization V13.3 All versions < V13.3.0.13

Teamcenter Visualization V14.1 All versions < V14.1.0.12

References

https://cert-portal.siemens.com/productcert/pdf/ssa-79465...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2024
Vulnerability Reserved
Dec 22, 2023