Siemens Teamcenter Visualization and JT2Go
Plan Patch7.8ICS-CERT ICSA-23-103-11Apr 11, 2023
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
A memory corruption vulnerability exists in the APDFL library used by Siemens Teamcenter Visualization and JT2Go. When a user opens a malicious PDF file with affected versions of these products, the memory corruption can cause the application to crash or allow arbitrary code execution. The vulnerability is triggered by user interaction (opening a file) and is not remotely exploitable.
What this means
What could happen
An attacker could trick a user into opening a malicious PDF file, causing the Teamcenter or JT2Go application to crash or potentially execute arbitrary code on the engineering workstation. This could allow an attacker to gain control of design and manufacturing software systems.
Who's at risk
Manufacturing and engineering organizations using Siemens Teamcenter Visualization or JT2Go for CAD/CAM design and visualization. This primarily affects engineering teams, design departments, and manufacturing planners who use these visualization tools to work with product designs and technical documentation.
How it could be exploited
An attacker creates a malicious PDF file and tricks a user (typically an engineer or designer) into opening it using JT2Go or Teamcenter Visualization. When opened, the memory corruption in the APDFL PDF parsing library causes the application to crash or, in more severe cases, allows the attacker's code to run with the privileges of the user who opened the file.
Prerequisites
- User must open a malicious PDF file using JT2Go or Teamcenter Visualization
- Social engineering required to convince user to open untrusted file
- Affected version of the product must be running
Low attack complexityUser interaction required (file must be opened)Social engineering vectorCan affect design and manufacturing software systemsPatch available for all affected versions
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (6)
6 with fix
ProductAffected VersionsFix Status
JT2Go<V14.2.0.214.2.0.2
Teamcenter Visualization V13.2<V13.2.0.1313.2.0.13
Teamcenter Visualization V13.3<V13.3.0.913.3.0.9
Teamcenter Visualization V14.0<V14.0.0.514.0.0.5
Teamcenter Visualization V14.1<V14.1.0.714.1.0.7
Teamcenter Visualization V14.2<V14.2.0.214.2.0.2
Remediation & Mitigation
0/8
Do now
0/1JT2Go
WORKAROUNDEducate users not to open PDF files from untrusted sources in JT2Go and Teamcenter Visualization
Schedule — requires maintenance window
0/6Patching may require device reboot — plan for process interruption
JT2Go
HOTFIXUpdate JT2Go to version 14.2.0.2 or later
Teamcenter Visualization V13.2
HOTFIXUpdate Teamcenter Visualization V13.2 to version 13.2.0.13 or later
Teamcenter Visualization V13.3
HOTFIXUpdate Teamcenter Visualization V13.3 to version 13.3.0.9 or later
Teamcenter Visualization V14.0
HOTFIXUpdate Teamcenter Visualization V14.0 to version 14.0.0.5 or later
Teamcenter Visualization V14.1
HOTFIXUpdate Teamcenter Visualization V14.1 to version 14.1.0.7 or later
Teamcenter Visualization V14.2
HOTFIXUpdate Teamcenter Visualization V14.2 to version 14.2.0.2 or later
Long-term hardening
0/1HARDENINGRestrict file-opening capabilities by user role or access controls where possible
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/943ad0df-eb62-4542-8ede-42e7e971149a