Stack Overflow Vulnerability in JT2Go and Teamcenter Visualization by Siemens
CVE-2023-51745

7.8HIGH

Key Information:

Vendor

Siemens
Status
Jt2go
Teamcenter Visualization V13.3
Teamcenter Visualization V14.1
Teamcenter Visualization V14.2
Vendor
CVE Published:
9 January 2024

What is CVE-2023-51745?

A stack overflow vulnerability has been discovered in JT2Go and Teamcenter Visualization applications from Siemens. This issue arises while processing specially crafted CGM files, potentially allowing an attacker to execute arbitrary code within the context of the affected process. The vulnerability impacts various versions of JT2Go and Teamcenter Visualization, emphasizing the need for users to update to the latest secure versions to mitigate any risks.

Affected Version(s)

JT2Go All versions < V14.3.0.6

Teamcenter Visualization V13.3 All versions < V13.3.0.13

Teamcenter Visualization V14.1 All versions < V14.1.0.12

References

https://cert-portal.siemens.com/productcert/pdf/ssa-79465...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.