PT-2024-4462 · Siemens · Jt2Go+1
Jin Huang
·
Published
2024-05-14
·
Updated
2024-08-13
·
CVE-2024-32636
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
JT2Go versions prior to V2312.0005
Teamcenter Visualization V14.2 versions prior to V14.2.0.12
Teamcenter Visualization V14.3 versions prior to V14.3.0.10
Teamcenter Visualization V2312 versions prior to V2312.0005
Description
A vulnerability has been identified that allows an attacker to execute code in the context of the current process by exploiting an out of bounds read past the end of an allocated structure while parsing specially crafted X T files. This issue is related to a buffer read overflow in memory, which can be triggered by specially crafted X T files, potentially allowing an attacker to execute arbitrary code.
Recommendations
For JT2Go versions prior to V2312.0005, update to version V2312.0005 or later.
For Teamcenter Visualization V14.2 versions prior to V14.2.0.12, update to version V14.2.0.12 or later.
For Teamcenter Visualization V14.3 versions prior to V14.3.0.10, update to version V14.3.0.10 or later.
For Teamcenter Visualization V2312 versions prior to V2312.0005, update to version V2312.0005 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jt2Go
Teamcenter Visualization