Stack Overflow Vulnerability in JT2Go and Teamcenter Visualization by Siemens
CVE-2023-51746

7.8HIGH

Key Information:

Vendor: Siemens
Status: Jt2go; Teamcenter Visualization V13.3; Teamcenter Visualization V14.1; Teamcenter Visualization V14.2
Vendor: CVE Published:; 9 January 2024

Summary

A stack overflow vulnerability has been detected in various versions of JT2Go and Teamcenter Visualization applications. This vulnerability arises from improper parsing of specially crafted CGM files, which could enable an attacker to execute arbitrary code in the context of the affected application process. Users of JT2Go and Teamcenter Visualization should ensure they are using the updated versions to mitigate potential risks associated with this security issue.

Affected Version(s)

JT2Go All versions < V14.3.0.6

Teamcenter Visualization V13.3 All versions < V13.3.0.13

Teamcenter Visualization V14.1 All versions < V14.1.0.12

References

https://cert-portal.siemens.com/productcert/pdf/ssa-79465...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2024
Vulnerability Reserved
Dec 22, 2023