CVE-2020-26991

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to 13.1.0.2 Teamcenter Visualization versions prior to 13.1.0.2

Description: A vulnerability has been identified in the affected applications, where they lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process.

Recommendations: For JT2Go versions prior to 13.1.0.2, update to version 13.1.0.2 or later. For Teamcenter Visualization versions prior to 13.1.0.2, update to version 13.1.0.2 or later. As a temporary workaround, consider restricting the parsing of ASM files from untrusted sources until a patch is available.