SSA-483182 — Vulnetix

SSA-483182 PUBLISHED CVSS 7.800000190734863 HIGH

Siemens has released version V13.2 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (GIF, TIFF, BMP, J2K, JT, SGI, PDF, PCT, PCX, PAR and ASM ). If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution on the target host system. Siemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Teamcenter Visualization
	JT2Go

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-483182.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-483182.json advisory
https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html fix

Open in Interactive Console →