OTPulse

Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Plan Patch
CVSS 7.8
SSA-629917
Apr 11, 2023
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Siemens Teamcenter Visualization and JT2Go contain a memory corruption vulnerability in the embedded Datalogics APDFL (Adobe PDF Library). The vulnerability is triggered when a user opens a specially crafted PDF file. Successful exploitation could cause the application to crash or, in the worst case, allow arbitrary code execution on the workstation running the affected software.

What this means
What could happen
An attacker could trick an operator into opening a malicious PDF file, causing the Teamcenter Visualization or JT2Go application to crash or potentially execute arbitrary code on the engineering workstation.
Who's at risk
Engineering and design staff who use Siemens Teamcenter Visualization (versions 13.2, 13.3, 14.0, 14.1, or 14.2) or JT2Go (versions before 14.2.0.2) on their workstations. This affects any organization using these design visualization tools for CAD/model review and collaboration, including manufacturing, engineering, and process design departments.
How it could be exploited
An attacker crafts a malicious PDF file and sends it to an operator (via email, file share, or other means). When the operator opens the PDF in JT2Go or Teamcenter Visualization, the vulnerable APDFL library attempts to parse the file, triggering a memory corruption flaw that crashes the application or allows code execution on the workstation.
Prerequisites
  • User interaction required: operator must open a malicious PDF file
  • JT2Go or Teamcenter Visualization installed on the target workstation
  • Affected version of the product running
User interaction required · Low complexity attack · Engineering workstation targeted · Potential code execution on design workstation
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (6)
6 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| JT2Go | < V14.2.0.2 | 14.2.0.2 |
| Teamcenter Visualization V13.2 | < V13.2.0.13 | 13.2.0.13 |
| Teamcenter Visualization V13.3 | < V13.3.0.9 | 13.3.0.9 |
| Teamcenter Visualization V14.0 | < V14.0.0.5 | 14.0.0.5 |
| Teamcenter Visualization V14.1 | < V14.1.0.7 | 14.1.0.7 |
| Teamcenter Visualization V14.2 | < V14.2.0.2 | 14.2.0.2 |
Remediation & Mitigation
Do now
WORKAROUND: Restrict file opening permissions or implement email filtering to block unexpected PDF attachments from external sources
HARDENING: Educate operators about the risks of opening PDF files from untrusted sources
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

JT2Go
HOTFIX: Update JT2Go to version 14.2.0.2 or later
Teamcenter Visualization V13.2
HOTFIX: Update Teamcenter Visualization V13.2 to version 13.2.0.13 or later
Teamcenter Visualization V13.3
HOTFIX: Update Teamcenter Visualization V13.3 to version 13.3.0.9 or later
Teamcenter Visualization V14.0
HOTFIX: Update Teamcenter Visualization V14.0 to version 14.0.0.5 or later
Teamcenter Visualization V14.1
HOTFIX: Update Teamcenter Visualization V14.1 to version 14.1.0.7 or later
Teamcenter Visualization V14.2
HOTFIX: Update Teamcenter Visualization V14.2 to version 14.2.0.2 or later
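
An added example, not part of the advisory or of any Siemens tooling: a Python triage that compares an installed-software inventory against the fixed versions in the affected-products table above, matching each Teamcenter Visualization install to its own release line. The inventory rows and hostnames are constructed, and the product-name strings are assumed to match how your inventory reports them.

```python
import re

# Fixed versions copied from the advisory's affected-products table.
JT2GO_FIX = (14, 2, 0, 2)
TCVIS_FIXES = {  # keyed by Teamcenter Visualization release line
    (13, 2): (13, 2, 0, 13),
    (13, 3): (13, 3, 0, 9),
    (14, 0): (14, 0, 0, 5),
    (14, 1): (14, 1, 0, 7),
    (14, 2): (14, 2, 0, 2),
}

def parse_version(text):
    """Turn 'V14.1.0.6' or '14.1.0.6' into a 4-tuple of ints, zero-padded."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+){1,3})", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (4 - len(parts))

def triage(product, version):
    """Return (status, fixed_version_or_None) for one installed product."""
    v = parse_version(version)
    name = product.strip().lower()
    if name == "jt2go":
        fix = JT2GO_FIX
    elif name == "teamcenter visualization":
        # Compare only within the same release line (13.2, 13.3, ...).
        fix = TCVIS_FIXES.get(v[:2])
    else:
        fix = None
    if fix is None:
        # Product or release line not in the advisory table: do not guess.
        return ("not-listed", None)
    status = "affected" if v < fix else "fixed"
    return (status, ".".join(map(str, fix)))

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("eng-ws-01", "JT2Go", "14.1.0.4"),
    ("eng-ws-02", "Teamcenter Visualization", "V13.2.0.13"),
    ("eng-ws-03", "Teamcenter Visualization", "14.1.0.6"),
    ("eng-ws-04", "Teamcenter Visualization", "13.1.0.2"),
]

if __name__ == "__main__":
    for host, product, version in INVENTORY:
        status, fix = triage(product, version)
        print(f"{host:10} {product:26} {version:12} {status:11} fix={fix or '-'}")
```

A "not-listed" result means the release line does not appear in the table above, so it needs a manual check against the vendor advisory rather than being treated as safe.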