CVE-2021-33714: Null Pointer Dereference
First published: Tue Jul 13 2021(Updated: )
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Jt Utilities | <13.0.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-33714?
CVE-2021-33714 is a vulnerability identified in JT Utilities (All versions < V13.0.2.0) that allows an attacker to cause the application to crash by exploiting a NULL pointer deference condition.
How does CVE-2021-33714 occur?
CVE-2021-33714 occurs due to a missing check for the validity of an iterator when parsing specially crafted JT files.
What is the impact of CVE-2021-33714?
The impact of CVE-2021-33714 is a crashing of the application, which can be leveraged by an attacker.
How can CVE-2021-33714 be exploited?
CVE-2021-33714 can be exploited by an attacker leveraging the vulnerability in JT Utilities to craft specially crafted JT files.
How can I mitigate CVE-2021-33714?
To mitigate CVE-2021-33714, it is recommended to upgrade JT Utilities to version V13.0.2.0 or above.
- collector/nvd-index
- vendor/siemens
- canonical/siemens jt utilities