OTPulse

Multiple File Parsing Vulnerabilities in JTTK before V11.0.3.0 and JT Utilities before V13.0.3.0

Plan Patch | CVSS 7.8 | SSA-352143 | Dec 14, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

JTTK before V11.0.3.0 and JT Utilities before V13.0.3.0 contain multiple file parsing vulnerabilities (CWE-787 buffer overflow, CWE-416 use-after-free, CWE-125 out-of-bounds read) in JT file handling. When a user opens a maliciously crafted JT file, the parsing flaws could cause the application to crash or allow arbitrary code execution. The vulnerabilities are triggered during file read operations and require user interaction to exploit.

What this means
What could happen
An attacker could craft a malicious JT file that, when opened by an engineer or operator, causes the application to crash or potentially executes arbitrary code on the engineering workstation with the user's privileges.
Who's at risk
Engineering teams and CAD workstations at manufacturing plants, automotive suppliers, and any facility using the Siemens JT file format for 3D model viewing and data exchange. This affects both JT Open Toolkit (developer/integrator use) and JT Utilities (end-user viewing).
How it could be exploited
An attacker creates a malicious JT file and tricks an engineer into opening it in JTTK or JT Utilities (via email, file share, or supply chain). The file exploits buffer overflows or use-after-free issues during parsing, causing a crash or running attacker code in the application context.
Prerequisites
  • User must open a malicious JT file with JTTK or JT Utilities
  • User interaction required (attacker must trick an engineer into opening the file)
requires user interaction; buffer overflow and use-after-free vulnerabilities; potential arbitrary code execution on engineering workstation; affects design/engineering data flow
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
JT Utilities | < V13.0.3.0 | 13.0.3.0
JTTK | < V11.0.3.0 | 11.0.3.0
Remediation & Mitigation
Do now
JT Utilities
HARDENING: Implement a policy to verify and validate JT files from unknown or untrusted sources before opening in JTTK or JT Utilities
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

JTTK
HOTFIX: Update JTTK to version 11.0.3.0 or later
JT Utilities
HOTFIX: Update JT Utilities to version 13.0.3.0 or later