Siemens JT2Go and Teamcenter Visualization
Plan Patch · CVSS 7.8 · ICS-CERT ICSA-21-159-14 · Jun 8, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Siemens JT2Go and Teamcenter Visualization versions before V13.1.0.3 contain a buffer overflow (out-of-bounds write, CWE-787) that is triggered when the products parse TIFF files. If a user opens a malicious TIFF file with an affected product, the overflow can crash the application, allow arbitrary code execution, or expose data on the host system.
What this means
What could happen
An attacker who tricks a user into opening a malicious TIFF file could crash the visualization application or execute arbitrary code on the workstation running JT2Go or Teamcenter Visualization, potentially compromising engineering data or access credentials stored on that machine.
Who's at risk
This affects engineering and design teams who use Siemens JT2Go or Teamcenter Visualization for 3D model viewing and collaboration. Workstations running these tools in manufacturing, plant design, or systems engineering departments are at risk. Any organization with Siemens CAD/visualization workflows should patch.
How it could be exploited
An attacker crafts a malicious TIFF file and tricks an engineer or designer into opening it with JT2Go or Teamcenter Visualization (delivered by email, a file share, or a compromised file repository). When the application parses the file, the out-of-bounds write is triggered; because the viewer runs as the logged-in user, successful exploitation yields code execution with that user's rights on the workstation.
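To make the vulnerability class concrete, here is an added C illustration. It is not Siemens code and does not claim to be the actual defect (the advisory says only "buffer overflow when reading TIFF files"); it shows the CWE-787 pattern in a minimal little-endian TIFF strip reader, where the copy offset and length come from file-controlled IFD tags (StripOffsets, StripByteCounts) while the destination buffer is sized from other file fields (ImageWidth * ImageLength). The unchecked reader, the checked reader beside it, and the sample TIFF bytes are all constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { TIFF_OK = 0, TIFF_ERR_HEADER, TIFF_ERR_IFD, TIFF_ERR_TAGS, TIFF_ERR_BOUNDS, TIFF_ERR_OVERFLOW };
typedef struct { uint32_t width, height, strip_offset, strip_bytes; } tiff_info;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Parse the header and first IFD of a little-endian ("II") TIFF, keeping the single-value
 * SHORT/LONG tags used below. Offsets read from the file are checked against len first. */
int tiff_parse(const uint8_t *f, size_t len, tiff_info *out) {
    if (len < 8 || f[0] != 'I' || f[1] != 'I' || rd16(f + 2) != 42) return TIFF_ERR_HEADER;
    uint32_t ifd = rd32(f + 4);
    if (ifd > len || len - ifd < 2) return TIFF_ERR_IFD;
    uint16_t n = rd16(f + ifd);
    if ((size_t)n * 12 > len - ifd - 2) return TIFF_ERR_IFD;       /* every entry must lie in-file */
    memset(out, 0, sizeof *out);
    for (uint16_t i = 0; i < n; i++) {
        const uint8_t *e = f + ifd + 2 + (size_t)i * 12;
        uint16_t tag = rd16(e), type = rd16(e + 2);
        if (rd32(e + 4) != 1 || (type != 3 && type != 4)) continue; /* count 1, SHORT(3)/LONG(4) */
        uint32_t val = type == 3 ? rd16(e + 8) : rd32(e + 8);
        if (tag == 256) out->width = val;              /* ImageWidth */
        else if (tag == 257) out->height = val;        /* ImageLength */
        else if (tag == 273) out->strip_offset = val;  /* StripOffsets */
        else if (tag == 279) out->strip_bytes = val;   /* StripByteCounts */
    }
    return (out->width && out->height && out->strip_bytes) ? TIFF_OK : TIFF_ERR_TAGS;
}

/* VULNERABLE pattern, shown for contrast only: the buffer is sized from width*height but the copy
 * length is StripByteCounts, so a crafted count writes past the allocation (CWE-787) and a crafted
 * offset reads past the end of the file. Never call this on untrusted input. */
uint8_t *read_strip_unchecked(const uint8_t *f, const tiff_info *t) {
    uint8_t *pixels = malloc((size_t)t->width * t->height);       /* 8-bit grayscale assumed */
    if (pixels) memcpy(pixels, f + t->strip_offset, t->strip_bytes);
    return pixels;
}

/* HARDENED: every file-supplied size is validated before it becomes a length or an index. */
int read_strip_checked(const uint8_t *f, size_t len, const tiff_info *t, uint8_t **pixels_out) {
    if (!t->width || !t->height) return TIFF_ERR_TAGS;
    if (t->height > SIZE_MAX / t->width) return TIFF_ERR_OVERFLOW;  /* width*height must not wrap */
    size_t need = (size_t)t->width * t->height;
    if (t->strip_bytes != need) return TIFF_ERR_OVERFLOW;            /* exactly one uncompressed strip */
    if (t->strip_offset > len || len - t->strip_offset < need) return TIFF_ERR_BOUNDS;
    uint8_t *pixels = malloc(need);
    if (!pixels) return TIFF_ERR_OVERFLOW;
    memcpy(pixels, f + t->strip_offset, need);
    *pixels_out = pixels;
    return TIFF_OK;
}

/* Constructed sample: 4x2 8-bit grayscale, IFD at 8, strip at 62, plus 8 trailing bytes so a
 * crafted StripByteCounts up to 16 still lies inside the file. */
#define SAMPLE_LEN 78
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }
static void entry(uint8_t *e, uint16_t tag, uint16_t type, uint32_t val) {
    wr16(e, tag); wr16(e + 2, type); wr32(e + 4, 1); wr32(e + 8, val);
}
size_t build_sample(uint8_t *buf, uint32_t strip_off, uint32_t strip_bytes) {
    memset(buf, 0, SAMPLE_LEN);                       /* next-IFD pointer at 58 stays 0 */
    buf[0] = 'I'; buf[1] = 'I'; wr16(buf + 2, 42); wr32(buf + 4, 8);
    wr16(buf + 8, 4);                                 /* four IFD entries */
    entry(buf + 10, 256, 3, 4);                       /* ImageWidth  = 4 */
    entry(buf + 22, 257, 3, 2);                       /* ImageLength = 2 */
    entry(buf + 34, 273, 4, strip_off);               /* StripOffsets */
    entry(buf + 46, 279, 4, strip_bytes);             /* StripByteCounts */
    for (int i = 0; i < 16; i++) buf[62 + i] = (uint8_t)(0xA0 + i);
    return SAMPLE_LEN;
}
/* Build a sample with the given strip fields and run it through the checked reader. */
int check_sample(uint32_t strip_off, uint32_t strip_bytes) {
    uint8_t f[SAMPLE_LEN]; tiff_info t; uint8_t *px = NULL;
    int rc = tiff_parse(f, build_sample(f, strip_off, strip_bytes), &t);
    if (rc == TIFF_OK) rc = read_strip_checked(f, SAMPLE_LEN, &t, &px);
    free(px);
    return rc;
}
/* Bytes the unchecked reader would write past its 8-byte pixel buffer for the same file. */
size_t overrun_sample(uint32_t strip_off, uint32_t strip_bytes) {
    uint8_t f[SAMPLE_LEN]; tiff_info t;
    if (tiff_parse(f, build_sample(f, strip_off, strip_bytes), &t) != TIFF_OK) return 0;
    size_t need = (size_t)t.width * t.height;
    return t.strip_bytes > need ? t.strip_bytes - need : 0;
}
int main(void) {
    printf("honest rc=%d, crafted count rc=%d (unchecked would overrun %zu bytes), crafted offset rc=%d\n",
           check_sample(62, 8), check_sample(62, 16), overrun_sample(62, 16), check_sample(71, 8));
    return 0;
}
```

On the honest file both readers produce the same 8 pixels. With StripByteCounts raised to 16 the checked reader returns TIFF_ERR_OVERFLOW before any copy, whereas the unchecked memcpy would write 8 bytes past an 8-byte heap allocation (AddressSanitizer would flag it as a heap-buffer-overflow write); with StripOffsets moved to 71 the checked reader returns TIFF_ERR_BOUNDS instead of reading past the end of the file. The discipline is the same for every file-supplied number: check it against the file length and the destination capacity, and check multiplications for wrap-around before allocating.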
Prerequisites
- User must open a malicious TIFF file with JT2Go or Teamcenter Visualization
- JT2Go or Teamcenter Visualization must be a version earlier than V13.1.0.3 (V13.1.0.3 and later are fixed)
Tags: Low complexity attack · User interaction required (social engineering) · No authentication required · Affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (2), 2 with fix
Product                   Affected Versions   Fix Status
JT2Go                     < V13.1.0.3         Fixed in V13.1.0.3
Teamcenter Visualization  < V13.1.0.3         Fixed in V13.1.0.3
Remediation & Mitigation
Do now
JT2Go, Teamcenter Visualization
WORKAROUND: Establish a policy restricting users from opening TIFF files from untrusted or unknown sources in JT2Go and Teamcenter Visualization
Schedule (requires maintenance window)
Patching may require a device reboot; plan for process interruption
JT2Go
HOTFIX: Update JT2Go to V13.1.0.3 or later
Teamcenter Visualization
HOTFIX: Update Teamcenter Visualization to V13.1.0.3 or later
Long-term hardening
HARDENING: Implement user training to recognize phishing or file-sharing attempts that distribute malicious CAD/visualization files
CVEs (1)
API:
/api/v1/advisories/aa639e37-83d0-4151-89c7-4c8b557c0f00