PT-2024-4457 · Siemens · Jt2Go+1
Jin Huang
·
Published
2024-05-14
·
Updated
2024-08-13
·
CVE-2024-32637
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Parasolid (affected versions not specified)
JT2Go versions prior to V2312.0005
Teamcenter Visualization V14.2 versions prior to V14.2.0.12
Teamcenter Visualization V14.3 versions prior to V14.3.0.10
Teamcenter Visualization V2312 versions prior to V2312.0005
Description
The issue is related to a null pointer dereference vulnerability. This vulnerability can be exploited by an attacker using specially crafted X T files, potentially leading to a denial of service condition by crashing the application.
Recommendations
For JT2Go versions prior to V2312.0005, update to version V2312.0005 or later.
For Teamcenter Visualization V14.2 versions prior to V14.2.0.12, update to version V14.2.0.12 or later.
For Teamcenter Visualization V14.3 versions prior to V14.3.0.10, update to version V14.3.0.10 or later.
For Teamcenter Visualization V2312 versions prior to V2312.0005, update to version V2312.0005 or later.
As a temporary workaround, consider avoiding the use of specially crafted X T files until a patch is available.
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jt2Go
Teamcenter Visualization