Siemens JT Open, JT Utilities, and Parasolid
Plan Patch | 7.8 | ICS-CERT ICSA-23-222-03 | Aug 8, 2023
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
JT Open Toolkit, JT Utilities, and Parasolid are vulnerable to memory corruption when parsing specially crafted JT files. An attacker could cause application crashes or potentially execute arbitrary code by convincing a user to open a malicious JT file. These vulnerabilities are triggered only through user interaction—they cannot be exploited remotely or without opening the malicious file.
What this means
What could happen
Memory corruption in JT file parsing could crash engineering workstations or allow arbitrary code execution if a user opens a malicious JT file. This affects design and modeling workflows but does not directly impact running industrial processes.
Who's at risk
Engineering departments and design teams using Siemens Parasolid, JT Open Toolkit, or JT Utilities on workstations should apply updates. This affects CAD/modeling environments used for equipment design and plant documentation, not runtime control systems. Organizations that share JT design files externally or receive them from third parties should prioritize patching.
How it could be exploited
An attacker creates a malicious JT file with crafted data that triggers a memory corruption flaw, then tricks a user into opening it with JT Open, JT Utilities, or Parasolid. When the vulnerable code parses the file, the application crashes or executes attacker code on the user's workstation.
Prerequisites
- User interaction required: victim must open the malicious JT file
- Vulnerable version of JT Open, JT Utilities, or Parasolid must be installed
- Local execution context (no network attack vector)
- Social engineering or file sharing mechanism to deliver the malicious JT file
- User interaction required for exploitation
- Low attack complexity
- Affects design/engineering tools, not safety systems
- Memory corruption can lead to code execution
- No active public exploits reported
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (6)
6 with fix
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| JT Open | <V11.4 | 11.4 |
| JT Utilities | <V13.4 | 13.4 |
| Parasolid V34.0 | <V34.0.253 | 34.0.253 |
| Parasolid V34.1 | <V34.1.243 | 34.1.243 |
| Parasolid V35.0 | <V35.0.177 | 35.0.177 |
| Parasolid V35.1 | <V35.1.073 | 35.1.073 |
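An added example (not part of the advisory and not Siemens code): a Python script that triages a software inventory against the fixed versions in the table above, treating Parasolid per major.minor branch. The inventory rows and host names are constructed, and it assumes versions compare numerically component by component, so 35.1.073 equals 35.1.73.

```python
# First fixed version per product line, copied from the advisory table.
FIXED = {
    "JT Open": "11.4",
    "JT Utilities": "13.4",
    "Parasolid V34.0": "34.0.253",
    "Parasolid V34.1": "34.1.243",
    "Parasolid V35.0": "35.0.177",
    "Parasolid V35.1": "35.1.073",
}

def parse_version(text):
    """'V35.1.073' -> (35, 1, 73); assumes numeric per-component ordering."""
    return tuple(int(part) for part in text.strip().lstrip("Vv").split("."))

def product_line(name, version):
    """Parasolid is fixed per major.minor branch; other products by name."""
    if name != "Parasolid":
        return name if name in FIXED else None
    v = parse_version(version)
    line = f"Parasolid V{v[0]}.{v[1]}" if len(v) >= 2 else None
    return line if line in FIXED else None

def status(name, version):
    """Return 'vulnerable', 'fixed', or 'not-listed' (needs manual review)."""
    try:
        line = product_line(name, version)
        installed = parse_version(version)
    except ValueError:
        return "not-listed"  # unparseable version string
    if line is None:
        return "not-listed"  # product or branch absent from the advisory
    fixed = parse_version(FIXED[line])
    # Pad to at least 4 components so 11.4 compares equal to 11.4.0.
    installed, fixed = (v + (0,) * (4 - len(v)) for v in (installed, fixed))
    return "vulnerable" if installed < fixed else "fixed"

# Constructed sample inventory: (host, product, installed version).
SAMPLE = [
    ("eng-ws-01", "JT Open", "11.3.2"),
    ("eng-ws-02", "Parasolid", "35.1.072"),
    ("eng-ws-03", "Parasolid", "34.1.243"),
    ("eng-ws-04", "Parasolid", "36.0.100"),
]

def triage(inventory):
    return [(host, name, ver, status(name, ver)) for host, name, ver in inventory]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(*row, sep="\t")
```

A "not-listed" result means the advisory gives no fix version for that product or branch, so the install needs a manual check rather than being assumed safe.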
Remediation & Mitigation
Do now
WORKAROUND: Do not open untrusted JT files in affected products
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
JT Open
HOTFIX: Update JT Open to version 11.4 or later
JT Utilities
HOTFIX: Update JT Utilities to version 13.4 or later
Parasolid V34.0
HOTFIX: Update Parasolid V34.0 to version 34.0.253 or later
Parasolid V34.1
HOTFIX: Update Parasolid V34.1 to version 34.1.243 or later
Parasolid V35.0
HOTFIX: Update Parasolid V35.0 to version 35.0.177 or later
Parasolid V35.1
HOTFIX: Update Parasolid V35.1 to version 35.1.073 or later
Long-term hardening
HARDENING: Restrict users from downloading or receiving JT files from untrusted sources
CVEs (2)