Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0

Plan Patch7.8SSA-622830Jan 12, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Multiple file parsing vulnerabilities exist in JT2Go and Teamcenter Visualization versions before V13.1.0. The vulnerabilities can be triggered when the products process files in various formats including JT, XML, CG4, CGM, PDF, RGB, SGI, TGA, PAR, and PCX. Successful exploitation requires a user to open a malicious file and could result in application crash, arbitrary code execution, or data extraction on the affected system.

What this means

What could happen

An attacker could craft a malicious file that, when opened by an engineer or technician in JT2Go or Teamcenter Visualization, executes arbitrary code on that workstation or extracts sensitive engineering data. This could compromise the confidentiality and integrity of design files and production models used in manufacturing operations.

Who's at risk

Design and manufacturing engineering teams who use JT2Go or Teamcenter Visualization for 3D model viewing and design collaboration. This includes automotive, aerospace, machinery manufacturing, and industrial equipment design organizations where these Siemens tools are standard for CAD visualization and model management.

How it could be exploited

An attacker creates a malicious file (JT, XML, PDF, CGM, or another supported format) and tricks a user into opening it within JT2Go or Teamcenter Visualization. The vulnerable file parsing code fails to validate or safely handle the crafted file content, leading to a memory corruption condition that allows code execution or crashes the application.

Prerequisites

User interaction required: target user must open the malicious file in JT2Go or Teamcenter Visualization
The user must have JT2Go or Teamcenter Visualization installed on the workstation
Local access to the affected product or ability to deliver a file to the user via email, file share, or web link

Requires user interaction (file opening)Multiple file format parsers affectedPotential for arbitrary code executionEngineering workstations often have broad network and data accessAffects design data confidentiality

Exploitability

Moderate exploit probability (EPSS 4.1%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

JT2Go< V13.1.013.1.0

Teamcenter Visualization< V13.1.013.1.0

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDEstablish a policy prohibiting users from opening design files (JT, XML, PDF, CGM, and similar formats) from untrusted or unknown external sources

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

JT2Go

HOTFIXUpdate JT2Go to version V13.1.0 or later

Teamcenter Visualization

HOTFIXUpdate Teamcenter Visualization to version V13.1.0 or later

Long-term hardening

0/2

HARDENINGImplement file validation and scanning at the network boundary to detect suspicious or malformed files before they reach engineering workstations

HARDENINGEducate engineering and design staff on the risks of opening unsolicited files from external parties

CVEs (14)

CVE-2020-26980 CVE-2020-26981 CVE-2020-26982 CVE-2020-26983 CVE-2020-26984 CVE-2020-26985 CVE-2020-26986 CVE-2020-26987 CVE-2020-26988 CVE-2020-26992 CVE-2020-26993 CVE-2020-26994 CVE-2020-26995 CVE-2020-26996

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/e92fe11f-c54f-4484-b0dd-f9f3dabccdd6