CNVD-2024-31244 — Vulnetix

CNVD-2024-31244 PUBLISHED CVSS 7.800000190734863 HIGH

Siemens Teamcenter Visualization是一个可为设计2D、3D场景提供团队协作功能的软件。Siemens JT2Go是一款JT文件查看器。 Siemens Teamcenter Visualization和JT2Go存在越界读取漏洞，攻击者可利用该漏洞在当前进程的上下文中执行代码。

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Siemens	Teamcenter Visualization	0, 0, 0
Siemens	JT2Go	0
siemens	teamcenter_visualization	0, 0, 0
siemens	jt2go	0

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-722010.html (circl)
https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-03 (circl)
CIRCL seen: CVE-2023-7066 (circl-sighting)

Timeline

Jul 9, 2024 CVE Published
Aug 13, 2024 PoC Published

References

https://cert-portal.siemens.com/productcert/html/ssa-722010.html url
https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-03 url

Open in Interactive Console →