File Parsing Vulnerabilities in JT Translator in NX

Low Risk3.3SSA-740908Nov 9, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Siemens NX is affected by file parsing vulnerabilities triggered when reading JT files. If a user opens a malicious JT file with NX 1980 Series (version < V1984), it could cause an access violation leading to application crash or arbitrary code execution on the target host system. Siemens has released an update to version 1984 and recommends avoiding untrusted files from unknown sources.

What this means

What could happen

A user who opens a malicious JT file in NX 1980 could cause the application to crash or potentially allow an attacker to execute arbitrary code on the engineering workstation.

Who's at risk

Design engineers and technicians using Siemens NX 1980 Series to review or modify JT format CAD/3D model files. This affects any organization using NX for design work, including industrial equipment manufacturers, automotive suppliers, and engineering firms that supply control system designs.

How it could be exploited

An attacker creates a specially crafted JT file and tricks a design engineer or technician into opening it with NX 1980. When the file is parsed, the vulnerability is triggered, either crashing the application or executing attacker code on the workstation with the user's privileges.

Prerequisites

User must open a malicious JT file
User must have NX 1980 Series version < V1984 installed
File must originate from an untrusted source

locally exploitableuser interaction required (social engineering)low complexityaffects engineering workstations

Exploitability

Low exploit probability (EPSS 0.2%)

Affected products (1)

ProductAffected VersionsFix Status

NX 1980 Series< V19841984

Remediation & Mitigation

0/3

Do now

0/1

WORKAROUNDInstruct users to avoid opening JT files from untrusted sources or unknown senders

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate NX 1980 Series to version 1984 or later

Long-term hardening

0/1

HARDENINGImplement file source verification controls for engineering workstations (e.g., restrict file imports to approved directories or storage)

CVEs (2)

CVE-2021-41533 CVE-2021-41534

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/81c542b3-536d-49cc-936b-c4b3508d2265