Parasolid Vulnerability Could Lead to Denial of Service Condition
CVE-2024-32637

3.3LOW

Key Information:

Vendor: Siemens
Status: Jt2go; Teamcenter Visualization V14.2; Teamcenter Visualization V14.3; Teamcenter Visualization V2312
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-32637?

A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Affected Version(s)

JT2Go 0

Teamcenter Visualization V14.2 0

Teamcenter Visualization V14.3 0

References

https://cert-portal.siemens.com/productcert/html/ssa-0463...

https://cert-portal.siemens.com/productcert/html/ssa-8564...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
Apr 16, 2024

Siemens

What is CVE-2024-32637?

Affected Version(s)

References

CVSS V3.1

Timeline