What is the severity of CVE-2024-37997?

CVE-2024-37997 is classified as a critical vulnerability due to its potential impact on affected software.

How do I fix CVE-2024-37997?

To fix CVE-2024-37997, update your software to the latest version as specified in the vendor's security advisories.

Which versions are affected by CVE-2024-37997?

CVE-2024-37997 affects all versions of JT Open below 11.5, JT2Go below 2406.0003, PLM XML SDK below 7.1.0.014, and specific versions of Teamcenter Visualization.

What products are impacted by CVE-2024-37997?

CVE-2024-37997 impacts JT Open, Siemens JT2Go, Siemens PLM XML SDK, and various versions of Siemens Teamcenter Visualization.

Is there a workaround for CVE-2024-37997?

There are no known workarounds for CVE-2024-37997, so applying the necessary updates is the recommended action.

Vulnerability/
CVE-2024-37997

high

7.8

CWE

121

9/7/2024

1/5/2025

CVE-2024-37997

First published: Tue Jul 09 2024(Updated: )

A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions < V14.2.0.13), Teamcenter Visualization V14.3 (All versions < V14.3.0.11), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0003). The affected applications contain a stack based overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
JT Open	<11.5
Siemens JT2Go	<2406.0003
Siemens PLM XML SDK	<7.1.0.014
Siemens Teamcenter Visualization	<14.2.0.13
Siemens Teamcenter Visualization	<14.3.0.11
Siemens Teamcenter Visualization	<2312.0008
Siemens Teamcenter Visualization	<2406.0003

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-37997?
CVE-2024-37997 is classified as a critical vulnerability due to its potential impact on affected software.
How do I fix CVE-2024-37997?
To fix CVE-2024-37997, update your software to the latest version as specified in the vendor's security advisories.
Which versions are affected by CVE-2024-37997?
CVE-2024-37997 affects all versions of JT Open below 11.5, JT2Go below 2406.0003, PLM XML SDK below 7.1.0.014, and specific versions of Teamcenter Visualization.
What products are impacted by CVE-2024-37997?
CVE-2024-37997 impacts JT Open, Siemens JT2Go, Siemens PLM XML SDK, and various versions of Siemens Teamcenter Visualization.
Is there a workaround for CVE-2024-37997?
There are no known workarounds for CVE-2024-37997, so applying the necessary updates is the recommended action.

agent/weakness
agent/first-publish-date
agent/type
agent/severity
agent/author
agent/event
agent/references
collector/nvd-api
source/NVD
agent/description
agent/source
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/jt open
canonical/jt open
vendor/siemens
canonical/siemens jt2go
canonical/siemens plm xml sdk
canonical/siemens teamcenter visualization

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.