Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization

Plan Patch7.8SSA-553086May 10, 2022

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Multiple file parsing vulnerabilities exist in Siemens JT2Go and Teamcenter Visualization when processing specially crafted CGM, TIFF, or TG4 files. These vulnerabilities (CWE-835, CWE-476, CWE-680, CWE-415, CWE-824) can cause application crashes or lead to arbitrary code execution with user privileges. The vulnerabilities are triggered when a user opens a malicious file in the affected application. Siemens has released updates for affected versions.

What this means

What could happen

An attacker could craft a malicious CAD file (CGM, TIFF, or TG4 format) that, when opened by an engineer in JT2Go or Teamcenter Visualization, crashes the application or executes arbitrary commands with the user's privileges. This could be used to steal sensitive design data or compromise engineering workstations connected to your network.

Who's at risk

Engineering organizations and design teams who use Siemens JT2Go or Teamcenter Visualization for CAD file viewing and collaboration. This primarily affects design engineers, procurement staff, and anyone who receives or opens CAD files (CGM, TIFF, or TG4 formats) as part of their workflow. The risk is highest in organizations with external design collaboration or where files are exchanged with vendors or partners.

How it could be exploited

An attacker sends a crafted malicious file (CGM, TIFF, or TG4) to an engineer via email or file share. When the engineer opens the file in JT2Go or Teamcenter Visualization, the vulnerable file parser processes the malicious content and either crashes the application (denial of service) or executes arbitrary code with the user's account privileges.

Prerequisites

User must be tricked into opening a malicious file crafted in CGM, TIFF, or TG4 format
JT2Go or Teamcenter Visualization must be installed on the target engineering workstation
The vulnerable version of the affected product must be in use

Low-complexity exploitation (malicious file)User interaction required (must open file)Affects engineering design toolsPotential for arbitrary code execution

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

JT2Go< V13.3.0.313.3.0.3

Teamcenter Visualization V13.3< V13.3.0.313.3.0.3

Teamcenter Visualization V14.0< V14.0.0.114.0.0.1

Remediation & Mitigation

0/4

Do now

0/1

HARDENINGTrain users to avoid opening CAD files from untrusted sources and to verify file authenticity before opening

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

JT2Go

HOTFIXUpdate JT2Go to version 13.3.0.3 or later

Teamcenter Visualization V13.3

HOTFIXUpdate Teamcenter Visualization V13.3 to version 13.3.0.3 or later

Teamcenter Visualization V14.0

HOTFIXUpdate Teamcenter Visualization V14.0 to version 14.0.0.1 or later

CVEs (6)

CVE-2022-29028 CVE-2022-29029 CVE-2022-29030 CVE-2022-29031 CVE-2022-29032 CVE-2022-29033

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/9ba19294-c5bf-46d9-ae54-586acfc67b70