CVE-2021-44000

Name of the Vulnerable Software and Affected Versions JT2Go versions prior to V13.2.0.7 Solid Edge SE2021 versions prior to SE2021MP9 Solid Edge SE2022 versions prior to SE2022MP1 Teamcenter Visualization V13.1 versions prior to V13.1.0.9 Teamcenter Visualization V13.2 versions prior to V13.2.0.7 Teamcenter Visualization V13.3 versions prior to V13.3.0.1

Description A vulnerability has been identified in the specified software versions. The plmxmlAdapterSE70.dll contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Recommendations For JT2Go versions prior to V13.2.0.7, update to version V13.2.0.7 or later. For Solid Edge SE2021 versions prior to SE2021MP9, update to version SE2021MP9 or later. For Solid Edge SE2022 versions prior to SE2022MP1, update to version SE2022MP1 or later. For Teamcenter Visualization V13.1 versions prior to V13.1.0.9, update to version V13.1.0.9 or later. For Teamcenter Visualization V13.2 versions prior to V13.2.0.7, update to version V13.2.0.7 or later. For Teamcenter Visualization V13.3 versions prior to V13.3.0.1, update to version V13.3.0.1 or later.