Siemens JT2Go and Teamcenter Visualization (Update A)

Plan Patch7.8ICS-CERT ICSA-21-222-03Aug 10, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens JT2Go and Teamcenter Visualization contain buffer overflow and out-of-bounds read vulnerabilities (CWE-754, CWE-787, CWE-125) in file parsing routines for DGN and PAR files. These vulnerabilities can be triggered when a user opens a malicious file, leading to application crash or potential arbitrary code execution on the user's workstation.

What this means

What could happen

An attacker could trick an engineer into opening a malicious DGN or PAR file, causing the application to crash and interrupt visualization work, or potentially executing arbitrary code on the engineering workstation with the user's privileges.

Who's at risk

Design and engineering teams using Siemens JT2Go or Teamcenter Visualization for 3D model visualization and collaboration. Risk is highest for organizations that receive design files from external sources or allow downloads from untrusted networks.

How it could be exploited

Attacker crafts a malicious DGN or PAR file and delivers it via email, file sharing, or storage location accessible to the target engineer. When the engineer opens the file in JT2Go or Teamcenter Visualization, the vulnerable parser processes the malicious file structure, triggering a buffer overflow or out-of-bounds read that crashes the application or runs attacker code with the engineer's privileges.

Prerequisites

User must open a malicious DGN or PAR file in JT2Go or Teamcenter Visualization
User must have sufficient privileges to run the application (typically local user account)

local exploitation only (requires user interaction)low complexity attackuser interaction required (social engineering)affects engineering workstations and design processesno authentication required for file parsing

Exploitability

Low exploit probability (EPSS 0.3%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

JT2Go<V13.2.0.213.2.0.2

Teamcenter Visualization<V13.2.0.213.2.0.2

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDDo not open untrusted DGN or PAR files from unknown sources or suspicious emails

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

JT2Go

HOTFIXUpdate JT2Go to version 13.2.0.2 or later

Teamcenter Visualization

HOTFIXUpdate Teamcenter Visualization to version 13.2.0.2 or later

Long-term hardening

0/1

HARDENINGConfigure network access controls to limit where engineering workstations can retrieve files

CVEs (3)

CVE-2021-32946 CVE-2021-33738 CVE-2021-32952

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/4c6cf930-7073-4fae-a719-e8566d0d7681