VDB

CVE-2020-27002

CVE-2020-27002 PUBLISHED CVSS 3.5999999046325684 LOW

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12043)

EPSS 0.08% · 22.9th percentile

Risk Scores

CVSS v2.0
3.5999999046325684
EPSS Score
0.08%
22.9th percentile

Affected Products

VendorProductVersions
siemensjt2go0
SiemensTeamcenter VisualizationAll versions < V13.1.0.2
SiemensJT2GoAll versions < V13.1.0.2
siemensteamcenter_visualization0

Timeline

  • Feb 9, 2021 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 22, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 25, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 27, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 2, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›