Open Design Alliance Drawings SDK (Update A)

Plan Patch7.8ICS-CERT ICSA-21-047-01Feb 9, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Open Design Alliance Drawings SDK contains multiple memory corruption vulnerabilities (buffer overflow, out-of-bounds access, integer overflow) triggered when reading malformed or malicious files in formats including BMP, TIFF, CGM, TGA, PCT, HPG, PLT, RAS, PAR, ASM, DXF, and DWG. Exploitation requires a user to open a specially crafted malicious file. Successful exploitation could cause application crash, arbitrary code execution, or data extraction on the target host. Siemens products JT2Go and Teamcenter Visualization depend on this SDK and are affected.

What this means

What could happen

An attacker could craft a malicious drawing file (DWG, DXF, etc.) that, when opened in JT2Go or Teamcenter Visualization, crashes the application or runs arbitrary code with the privileges of the user opening the file. This could lead to unauthorized access to engineering data or disruption of design review and documentation workflows.

Who's at risk

Engineering teams and design departments using Siemens JT2Go or Teamcenter Visualization for CAD file review and visualization. Any organization that receives or exchanges drawing files (DWG, DXF, TIFF, etc.) from external sources. This includes manufacturers, utilities, and engineering firms in critical infrastructure sectors.

How it could be exploited

An attacker sends or hosts a malicious drawing file (DWG, DXF, BMP, TIFF, or other supported format) and tricks an engineer or operator into opening it using JT2Go or Teamcenter Visualization. When the file is opened, the memory corruption vulnerability is triggered, causing either a crash or execution of attacker-supplied code on the workstation.

Prerequisites

User action required to open untrusted file
Affected product (JT2Go or Teamcenter Visualization) installed on workstation
File in one of the vulnerable formats (DWG, DXF, BMP, TIFF, CGM, TGA, PCT, HPG, PLT, RAS, PAR, or ASM)

Low attack complexityUser interaction required (social engineering)Memory corruption vulnerabilities (buffer overflow, integer overflow)Could lead to arbitrary code executionAffects design and engineering workstations

Exploitability

Moderate exploit probability (EPSS 1.8%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

JT2Go<V13.1.0.113.1.0.1

Teamcenter Visualization<V13.1.0.113.1.0.1

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDEducate users to open drawing files only from trusted sources and avoid opening unsolicited file attachments

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

JT2Go

HOTFIXUpdate JT2Go to version 13.1.0.1 or later

Teamcenter Visualization

HOTFIXUpdate Teamcenter Visualization to version 13.1.0.1 or later

Long-term hardening

0/2

HARDENINGEnforce least-privilege user principle for engineering workstations; run Siemens design tools with minimal necessary permissions

HARDENINGImplement email gateway controls to filter or quarantine CAD file attachments (DWG, DXF, etc.) from untrusted senders

CVEs (18)

CVE-2020-27005 CVE-2020-27008 CVE-2021-25175 CVE-2021-25176 CVE-2021-25178 CVE-2021-31784 CVE-2020-26989 CVE-2020-26990 CVE-2020-27000 CVE-2020-27003 CVE-2020-27004 CVE-2020-27006 CVE-2020-27007 CVE-2020-28383 CVE-2020-28394 CVE-2021-25173 CVE-2021-25174 CVE-2021-25177

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/34c76a23-597b-48a9-a481-690b37f9de9f