OTPulse

Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.5

Plan Patch | CVSS 7.8 | SSA-595101 | Dec 14, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Multiple file parsing vulnerabilities in JT2Go and Teamcenter Visualization versions before V13.2.0.5 exist in the handling of PDF, JT, TIFF, CGM, and TIF file formats. These vulnerabilities include buffer overflow (CWE-787), uninitialized variable (CWE-457), out-of-bounds read (CWE-125), off-by-one error (CWE-193), and use-after-free (CWE-416) conditions. When a user opens a maliciously crafted file in one of these formats with the affected applications, the vulnerabilities can be triggered, leading to application crash or arbitrary code execution with the privileges of the user running the application.

What this means
What could happen
A user opening a malicious document (PDF, JT, TIFF, CGM, or TIF file) in JT2Go or Teamcenter Visualization could crash the application or allow an attacker to run arbitrary code on the workstation. This risk is present in environments where users work with CAD/design files from external sources.
Who's at risk
CAD/design engineers and technicians who use JT2Go or Teamcenter Visualization to review or work with manufacturing design files, product lifecycle management (PLM) data, and technical documentation. This affects any organization using Siemens' design and visualization tools where file collaboration with external partners or suppliers occurs.
How it could be exploited
An attacker creates a malicious file in one of the supported formats (PDF, JT, TIFF, CGM, TIF) and tricks or socially engineers a user into opening it with JT2Go or Teamcenter Visualization. When the vulnerable application parses the crafted file, memory corruption vulnerabilities (buffer overflow, use-after-free, out-of-bounds read) are triggered, leading to a crash or code execution in the context of the logged-in user.
Prerequisites
  • User must open a malicious file with JT2Go or Teamcenter Visualization
  • File must be in a supported format (PDF, JT, TIFF, CGM, or TIF)
  • No special credentials or network access required
  • Low complexity attack
  • Requires user interaction (file opening)
  • Memory corruption vulnerabilities (buffer overflow, use-after-free)
  • Affects design/engineering workstations
  • Patch available from vendor
Exploitability
Low exploit probability (EPSS 0.6%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
JT2Go | < V13.2.0.5 | 13.2.0.5
Teamcenter Visualization | < V13.2.0.5 | 13.2.0.5
Remediation & Mitigation
Do now
JT2Go
HARDENING: Educate users to avoid opening files from untrusted or unknown sources in JT2Go and Teamcenter Visualization
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

JT2Go
HOTFIX: Update JT2Go to version 13.2.0.5 or later
Teamcenter Visualization
HOTFIX: Update Teamcenter Visualization to version 13.2.0.5 or later