Siemens Teamcenter Visualization and JT2Go
Plan Patch7.8ICS-CERT ICSA-24-193-03Jul 9, 2024
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
An out-of-bounds read vulnerability exists in the APDFL PDF library used by Siemens Teamcenter Visualization (versions 14.1, 14.2, 14.3, and 2312) and JT2Go (version before 14.3.0.8). Opening a malicious PDF file in these applications can cause a denial of service or potential arbitrary code execution. The vulnerability requires user interaction and local access to an affected workstation.
What this means
What could happen
An attacker can craft a malicious PDF file that, when opened in affected Teamcenter Visualization or JT2Go applications, causes the application to crash or potentially executes arbitrary code on the engineering workstation. This could interrupt design review processes or enable an attacker to compromise the workstation used for plant design and configuration.
Who's at risk
This affects engineering teams and design centers that use Siemens Teamcenter Visualization (versions 14.1, 14.2, 14.3, and 2312) or the standalone JT2Go viewer. Organizations managing plant designs, 3D models, and process documentation should inventory which workstations run these products.
How it could be exploited
An attacker sends a malicious PDF file (via email, shared drive, or other means) to an engineer or designer. When the target user opens the PDF in an affected version of Teamcenter Visualization or JT2Go, the out-of-bounds read in the embedded APDFL PDF library is triggered. This can crash the application or, in the worst case, allow the attacker to run code with the privileges of the user opening the file.
Prerequisites
- User must open a malicious PDF file using a vulnerable version of the affected application
- Local access to the workstation running the vulnerable software
- User interaction required (must be tricked to open the file)
User interaction required (social engineering via malicious PDF)Local access only (not remotely exploitable)Affects design and engineering workstationsLow exploit probability (EPSS 0.2%)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (5)
5 with fix
ProductAffected VersionsFix Status
JT2Go<V14.3.0.814.3.0.8
Teamcenter Visualization V14.1<V14.1.0.1414.1.0.14
Teamcenter Visualization V14.2<V14.2.0.1014.2.0.10
Teamcenter Visualization V14.3<V14.3.0.814.3.0.8
Teamcenter Visualization V2312<V2312.00022312.0002
Remediation & Mitigation
0/7
Do now
0/1WORKAROUNDInstruct users not to open untrusted or unexpected PDF files with affected applications
Schedule — requires maintenance window
0/5Patching may require device reboot — plan for process interruption
Teamcenter Visualization V14.1
HOTFIXUpdate Teamcenter Visualization V14.1 to version 14.1.0.14 or later
Teamcenter Visualization V14.2
HOTFIXUpdate Teamcenter Visualization V14.2 to version 14.2.0.10 or later
Teamcenter Visualization V14.3
HOTFIXUpdate Teamcenter Visualization V14.3 to version 14.3.0.8 or later
JT2Go
HOTFIXUpdate JT2Go to version 14.3.0.8 or later
Teamcenter Visualization V2312
HOTFIXUpdate Teamcenter Visualization V2312 to version 2312.0002 or later
Long-term hardening
0/1HARDENINGRestrict network access to engineering workstations and isolate design systems from business networks
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/1ef46945-7a77-48de-926c-e5231aac5825