CVE-2024-52567

Name of the Vulnerable Software and Affected Versions Teamcenter Visualization versions prior to V14.2.0.14 Teamcenter Visualization versions prior to V14.3.0.12 Teamcenter Visualization versions prior to V2312.0008 Teamcenter Visualization versions prior to V2406.0005 Tecnomatix Plant Simulation versions prior to V2302.0018 Tecnomatix Plant Simulation versions prior to V2404.0007

Description The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. The vulnerability is related to reading beyond the allowed range in memory and can be exploited using specially created WRL files.

Recommendations For Teamcenter Visualization versions prior to V14.2.0.14, update to version V14.2.0.14 or later. For Teamcenter Visualization versions prior to V14.3.0.12, update to version V14.3.0.12 or later. For Teamcenter Visualization versions prior to V2312.0008, update to version V2312.0008 or later. For Teamcenter Visualization versions prior to V2406.0005, update to version V2406.0005 or later. For Tecnomatix Plant Simulation versions prior to V2302.0018, update to version V2302.0018 or later. For Tecnomatix Plant Simulation versions prior to V2404.0007, update to version V2404.0007 or later. As a temporary workaround, consider restricting the use of WRL files in the affected applications until a patch is available.