CVE-2023-28830

Name of the Vulnerable Software and Affected Versions JT2Go versions prior to V14.2.0.5 Solid Edge SE2022 versions prior to V222.0 Update 13 Solid Edge SE2023 versions prior to V223.0 Update 4 Teamcenter Visualization V13.2 versions prior to V13.2.0.15 Teamcenter Visualization V13.3 versions prior to V13.3.0.11 Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prior to V14.2.0.5

Description The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Recommendations For JT2Go versions prior to V14.2.0.5, update to V14.2.0.5 or later. For Solid Edge SE2022 versions prior to V222.0 Update 13, update to V222.0 Update 13 or later. For Solid Edge SE2023 versions prior to V223.0 Update 4, update to V223.0 Update 4 or later. For Teamcenter Visualization V13.2 versions prior to V13.2.0.15, update to V13.2.0.15 or later. For Teamcenter Visualization V13.3 versions prior to V13.3.0.11, update to V13.3.0.11 or later. For Teamcenter Visualization V14.1 versions prior to V14.1.0.11, update to V14.1.0.11 or later. For Teamcenter Visualization V14.2 versions prior to V14.2.0.5, update to V14.2.0.5 or later. As a temporary workaround, consider restricting the parsing of ASM files until a patch is available.