First published: Tue Jan 10 2023(Updated: )
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078)
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens Jt Open Toolkit | <11.1.1.0 | |
Siemens Jt Utilities | <13.1.1.0 | |
Siemens Solid Edge | <se2023 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-47935 is high with a severity value of 7.8.
JT Open versions before V11.1.1.0, JT Utilities versions before V13.1.1.0, and Solid Edge versions before V2023 are affected by CVE-2022-47935.
The vulnerability in CVE-2022-47935 is a memory corruption vulnerability in the Jt1001.dll file while parsing specially crafted JT files.
An attacker can exploit CVE-2022-47935 by leveraging the memory corruption vulnerability in the Jt1001.dll file while parsing specially crafted JT files.
More information about CVE-2022-47935 can be found at the following reference: [Siemens ProductCERT SSA-936212](https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf).