First published: Tue Aug 08 2023(Updated: )
A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process.
Credit: productcert@siemens.com productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens JT2Go | <14.2.0.5 | |
Siemens Teamcenter Visualization | >=14.1<14.1.0.10 | |
Siemens Teamcenter Visualization | >=14.2<14.2.0.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-38683.
All versions of JT2Go prior to V14.2.0.5 are affected by this vulnerability.
Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), and Teamcenter Visualization V14.2 (All versions < V14.2.0.5) are affected by this vulnerability.
The severity rating of this vulnerability is high, with a rating of 7.8.
To fix this vulnerability, update to JT2Go version V14.2.0.5 or later, or update to the latest versions of Teamcenter Visualization (V13.2.0.14, V14.1.0.10, or V14.2.0.5).