Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0.1

Plan Patch7.8SSA-663999Feb 9, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens JT2Go and Teamcenter Visualization versions before V13.1.0.1 contain multiple file parsing vulnerabilities that can be triggered when the products read files in various formats (BMP, TIFF, CGM, TGA, PCT, HPG, PLT, RAS, PAR, ASM, DXF, DWG). These vulnerabilities include buffer overflows and out-of-bounds access issues. A user tricked into opening a malicious file with these products could experience application crash, arbitrary code execution, or data extraction on the target system.

What this means

What could happen

An attacker could trick a user into opening a malicious file in JT2Go or Teamcenter Visualization, leading to a crash of the application or potentially executing arbitrary commands on the workstation with the privileges of the user running the application. This could result in loss of engineering data or unauthorized access to design information.

Who's at risk

Engineering and design teams using JT2Go or Teamcenter Visualization should be concerned, particularly in manufacturing, automotive, and industrial design sectors. These products are commonly used on engineering workstations to view and manipulate CAD files and design data. Compromised workstations could lead to theft of intellectual property or sabotage of design files.

How it could be exploited

An attacker crafts a malicious file in one of the supported formats (BMP, TIFF, CGM, TGA, DXF, DWG, etc.) with specially crafted content that triggers a buffer overflow or out-of-bounds memory access. The attacker then tricks or social engineers a user into opening the file using JT2Go or Teamcenter Visualization. When the vulnerable file parser processes the malicious file, it executes attacker-controlled code on the user's workstation.

Prerequisites

<parameter name="prerequisite">User must open a malicious file with JT2Go or Teamcenter Visualization

<parameter name="risk">User-interaction required (social engineering attack)

Exploitability

Moderate exploit probability (EPSS 1.8%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

JT2Go< V13.1.0.113.1.0.1

Teamcenter Visualization< V13.1.0.113.1.0.1

Remediation & Mitigation

Update to V13.1.0.1 or later version

CVEs (18)

CVE-2020-26989 CVE-2020-26990 CVE-2020-27000 CVE-2020-27003 CVE-2020-27004 CVE-2020-27005 CVE-2020-27006 CVE-2020-27007 CVE-2020-27008 CVE-2020-28383 CVE-2020-28394 CVE-2021-25173 CVE-2021-25174 CVE-2021-25175 CVE-2021-25176 CVE-2021-25177 CVE-2021-25178 CVE-2021-31784

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/9c538ec4-bdb8-4d3a-a83a-026dd4e8395d