What is the severity of CVE-2023-51744?

The severity of CVE-2023-51744 is classified as critical.

How do I fix CVE-2023-51744?

To fix CVE-2023-51744, update JT2Go to version 14.3.0.6 or later, and Teamcenter Visualization to the patched versions indicated.

What software versions are affected by CVE-2023-51744?

CVE-2023-51744 affects JT2Go versions prior to 14.3.0.6 and Teamcenter Visualization versions prior to 13.3.0.13, 14.1.0.12, 14.2.0.9, and 14.3.0.6.

Is there a workaround for CVE-2023-51744?

As of now, there are no known workarounds for CVE-2023-51744, and upgrading to the latest versions is necessary.

What are the potential impacts of CVE-2023-51744?

CVE-2023-51744 could potentially allow an attacker to execute arbitrary code or compromise system integrity.

Vulnerability/
CVE-2023-51744

medium

5.5

CWE

476

9/1/2024

2/8/2024

CVE-2023-51744: Null Pointer Dereference

First published: Tue Jan 09 2024(Updated: )

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens JT2Go	<14.3.0.6
Siemens Teamcenter Visualization	>=13.3.0<13.3.0.13
Siemens Teamcenter Visualization	>=14.1<14.1.0.12
Siemens Teamcenter Visualization	>=14.2<14.2.0.9
Siemens Teamcenter Visualization	>=14.3<14.3.0.6

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf

Frequently Asked Questions

What is the severity of CVE-2023-51744?
The severity of CVE-2023-51744 is classified as critical.
How do I fix CVE-2023-51744?
To fix CVE-2023-51744, update JT2Go to version 14.3.0.6 or later, and Teamcenter Visualization to the patched versions indicated.
What software versions are affected by CVE-2023-51744?
CVE-2023-51744 affects JT2Go versions prior to 14.3.0.6 and Teamcenter Visualization versions prior to 13.3.0.13, 14.1.0.12, 14.2.0.9, and 14.3.0.6.
Is there a workaround for CVE-2023-51744?
As of now, there are no known workarounds for CVE-2023-51744, and upgrading to the latest versions is necessary.
What are the potential impacts of CVE-2023-51744?
CVE-2023-51744 could potentially allow an attacker to execute arbitrary code or compromise system integrity.

agent/type
agent/weakness
agent/author
agent/references
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/first-publish-date
agent/tags
agent/event
agent/source
vendor/siemens
canonical/siemens jt2go
canonical/siemens teamcenter visualization
version/siemens teamcenter visualization/13.3.0
version/siemens teamcenter visualization/14.1
version/siemens teamcenter visualization/14.2
version/siemens teamcenter visualization/14.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.