PT-2022-11972 · Siemens · Jt2Go+2
Mat Powell
·
Published
2022-02-09
·
Updated
2022-06-14
·
CVE-2021-44018
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
JT2Go versions prior to V13.2.0.7
Solid Edge SE2021 versions prior to SE2021MP9
Solid Edge SE2022 versions prior to SE2022MP1
Teamcenter Visualization V13.1 versions prior to V13.1.0.9
Teamcenter Visualization V13.2 versions prior to V13.2.0.7
Teamcenter Visualization V13.3 versions prior to V13.3.0.1
Description
A memory corruption condition exists in the plmxmlAdapterSE70.dll library while parsing specially crafted PAR files, allowing an attacker to execute code in the context of the current process.
Recommendations
For JT2Go versions prior to V13.2.0.7, update to version V13.2.0.7 or later.
For Solid Edge SE2021 versions prior to SE2021MP9, update to version SE2021MP9 or later.
For Solid Edge SE2022 versions prior to SE2022MP1, update to version SE2022MP1 or later.
For Teamcenter Visualization V13.1 versions prior to V13.1.0.9, update to version V13.1.0.9 or later.
For Teamcenter Visualization V13.2 versions prior to V13.2.0.7, update to version V13.2.0.7 or later.
For Teamcenter Visualization V13.3 versions prior to V13.3.0.1, update to version V13.3.0.1 or later.
Fix
Buffer Overflow
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jt2Go
Solid Edge
Teamcenter Visualization