CVE-2021-33715: Null Pointer Dereference
First published: Tue Jul 13 2021(Updated: )
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Jt Utilities | <13.0.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-33715.
What is the severity of CVE-2021-33715?
CVE-2021-33715 has a severity of medium (5.5).
Which versions of JT Utilities are affected by CVE-2021-33715?
All versions of JT Utilities < V13.0.2.0 are affected by CVE-2021-33715.
How does CVE-2021-33715 occur?
CVE-2021-33715 occurs due to a race condition when parsing specially crafted JT files, which can cause a NULL pointer deference condition and crash the application.
Is there a fix available for CVE-2021-33715?
A fix for CVE-2021-33715 is available in version V13.0.2.0 of JT Utilities.
- agent/author
- agent/description
- agent/event
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/siemens
- canonical/siemens jt utilities