PT-2022-26098 · Siemens · Simcenter Femap
Published
2022-10-11
·
Updated
2022-10-17
·
CVE-2022-41851
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
JTTK versions prior to 11.1.1.0
Simcenter Femap V2022.1 versions prior to 2022.1.3
Simcenter Femap V2022.2 versions prior to 2022.2.2
Description
A vulnerability has been identified in the JTTK library, which is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
Recommendations
For JTTK versions prior to 11.1.1.0, update to version 11.1.1.0 or later.
For Simcenter Femap V2022.1 versions prior to 2022.1.3, update to version 2022.1.3 or later.
For Simcenter Femap V2022.2 versions prior to 2022.2.2, update to version 2022.2.2 or later.
Fix
Access of Uninitialized Pointer
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simcenter Femap