SSA-824889 — Vulnetix

SSA-824889 PUBLISHED CVSS 3.299999952316284 LOW

JT Open Toolkit and PLM XML SDK are affected by stack buffer overflow and null pointer dereference vulnerabilities that could be triggered while parsing XML file. If a user is tricked to open a malicious XML file with any of the affected products, this could cause the application to crash or potentially lead to arbitrary code execution. Siemens has released new versions for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS v3.1

3.299999952316284

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products

Vendor	Product	Versions
	JT Open
	PLM XML SDK

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-824889.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-824889.json advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-824889.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-824889.txt advisory

Open in Interactive Console →