CVE-2023-33122

Name of the Vulnerable Software and Affected Versions JT2Go versions prior to 14.2.0.3 Teamcenter Visualization V13.2 versions prior to 13.2.0.13 Teamcenter Visualization V13.3 versions prior to 13.3.0.10 Teamcenter Visualization V14.0 versions prior to 14.0.0.6 Teamcenter Visualization V14.1 versions prior to 14.1.0.8 Teamcenter Visualization V14.2 versions prior to 14.2.0.3

Description The issue is related to an out of bounds read in memory when parsing a specially crafted CGM file. This could allow an attacker to disclose sensitive information when analyzing the malicious file.

Recommendations For JT2Go versions prior to 14.2.0.3, update to version 14.2.0.3 or later. For Teamcenter Visualization V13.2 versions prior to 13.2.0.13, update to version 13.2.0.13 or later. For Teamcenter Visualization V13.3 versions prior to 13.3.0.10, update to version 13.3.0.10 or later. For Teamcenter Visualization V14.0 versions prior to 14.0.0.6, update to version 14.0.0.6 or later. For Teamcenter Visualization V14.1 versions prior to 14.1.0.8, update to version 14.1.0.8 or later. For Teamcenter Visualization V14.2 versions prior to 14.2.0.3, update to version 14.2.0.3 or later. As a temporary workaround, consider avoiding the use of CGM files from untrusted sources until the issue is resolved.