OTPulse

JT File Parsing Vulnerability in JTTK and Simcenter Femap

Plan Patch · CVSS 7.8 · SSA-611756 · Oct 11, 2022
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

An uninitialized pointer reference vulnerability exists in JTTK and Simcenter Femap during JT file parsing. A malicious JT file can trigger the vulnerability when opened, potentially causing an application crash or arbitrary code execution with the user's privileges. The vulnerability is triggered by user interaction (opening a file), not by remote network access.

What this means
What could happen
An attacker could craft a malicious JT file that, when opened by an engineer using JTTK or Simcenter Femap, could crash the application or execute arbitrary code with the privileges of the engineer running the tool.
Who's at risk
Engineering teams using Siemens JTTK (the JT file format parsing toolkit used by many CAD and analysis tools) and Simcenter Femap (finite element analysis software) should update immediately. This affects any organization that handles JT format design files in simulation, FEA, or PLM workflows.
How it could be exploited
An attacker sends a malicious JT (Jupiter Tessellation) file to an engineer via email or hosts it on a file repository. When the engineer opens the file in JTTK or Simcenter Femap, the uninitialized pointer in the JT file parser is dereferenced, triggering a crash or allowing code execution on the engineering workstation.
Prerequisites
  • User interaction required: engineer must open the malicious JT file
  • JTTK or Simcenter Femap must be installed on the workstation
  • The file must be opened with an affected version of the application
  • User interaction required (medium risk)
  • Affects engineering workstations, not direct OT equipment
  • Low EPSS score (0.1%) suggests limited real-world exploitation
  • Potential for arbitrary code execution if triggered
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (3)
3 with fix
Product                   Affected Versions   Fix Status
JTTK                      < V11.1.1.0         11.1.1.0
Simcenter Femap V2022.1   < V2022.1.3         2022.1.3
Simcenter Femap V2022.2   < V2022.2.2         2022.2.2
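
To check a software inventory against the versions listed above, the following added example (not part of the advisory or of any Siemens tooling) classifies each install as affected, fixed, or not listed. The host names, inventory format and function names are assumptions made for the example; Femap rows are compared only within their own release branch.

```python
import re

# Fix table from the advisory: (product, release branch or None) -> first fixed version.
FIXED = {
    ("jttk", None): "11.1.1.0",
    ("simcenter femap", "2022.1"): "2022.1.3",
    ("simcenter femap", "2022.2"): "2022.2.2",
}

def parse_version(text):
    """Turn 'V2022.1.3' or '11.1.1' into a tuple of ints. Trailing zeros are
    dropped so that 11.1.1 and 11.1.1.0 compare equal."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def assess(product, installed):
    """Return 'affected', 'fixed', or 'not-listed' for one inventory entry."""
    name = product.strip().lower()
    ver = parse_version(installed)
    for (prod, branch), fixed in FIXED.items():
        if prod != name:
            continue
        # Femap rows are per release branch: only compare within the same branch.
        if branch is not None and ver[:2] != parse_version(branch):
            continue
        return "affected" if ver < parse_version(fixed) else "fixed"
    return "not-listed"  # product or branch does not appear in this advisory's table

# Constructed sample inventory (hosts and installed versions are made up).
INVENTORY = [
    ("eng-ws-01", "JTTK", "V11.0.3"),
    ("eng-ws-02", "JTTK", "11.1.1"),
    ("eng-ws-03", "Simcenter Femap", "V2022.1.2"),
    ("eng-ws-04", "Simcenter Femap", "2022.2.2"),
    ("eng-ws-05", "Simcenter Femap", "2021.2.1"),
]

def triage(inventory):
    """Map each host to its status for the product installed on it."""
    return {host: assess(product, version) for host, product, version in inventory}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

A "not-listed" result means only that the product or release branch does not appear in the table above, not that the install has been confirmed safe.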
Remediation & Mitigation
Do now
HARDENING: Train engineers to avoid opening JT files from untrusted sources until patched
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

JTTK
HOTFIX: Update JTTK to version 11.1.1.0 or later
Simcenter Femap V2022.1
HOTFIX: Update Simcenter Femap V2022.1 to version 2022.1.3 or later
Simcenter Femap V2022.2
HOTFIX: Update Simcenter Femap V2022.2 to version 2022.2.2 or later
JT File Parsing Vulnerability in JTTK and Simcenter Femap | CVSS 7.8 - OTPulse