Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go
Plan Patch · 7.8 · SSA-794653 · Jan 9, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Multiple file parsing vulnerabilities exist in Siemens Teamcenter Visualization (versions 13.3, 14.1, 14.2, 14.3) and JT2Go that can be triggered when processing malicious Computer Graphics Metafile (CGM) files. These vulnerabilities involve out-of-bounds reads (CWE-125), null pointer dereferences (CWE-476), and stack-based buffer overflows (CWE-121). If a user opens a specially crafted CGM file, the application may crash or potentially execute arbitrary code.
What this means
What could happen
An attacker could craft a malicious CGM file that, when opened by a user in Teamcenter Visualization or JT2Go, may crash the application or potentially execute arbitrary code on the engineering workstation.
Who's at risk
Design and engineering teams using Teamcenter Visualization or JT2Go to view and work with 3D models and technical drawings. This includes any organization using these tools for product lifecycle management, CAD data visualization, or collaborative engineering where users might open model files from external or untrusted sources.
How it could be exploited
An attacker creates a malicious Computer Graphics Metafile (CGM) with crafted parsing data and sends it to a user or places it in a shared project repository. When the user opens the file in Teamcenter Visualization or JT2Go, the application's file parser processes the malicious content, triggering a memory corruption vulnerability that could allow code execution or crash the application.
Prerequisites
- User interaction required: victim must open a malicious CGM file in Teamcenter Visualization or JT2Go
- Access to deliver or place the malicious file in a location the user will access (email, shared folder, supply chain)
- Requires user interaction to trigger
- Potential for arbitrary code execution on engineering workstations
- Affects design/engineering environments which may have access to sensitive product data
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (5)
5 with fix
Product | Affected Versions | Fix Status
JT2Go | <V14.3.0.6 | 14.3.0.6
Teamcenter Visualization V13.3 | <V13.3.0.13 | 13.3.0.13
Teamcenter Visualization V14.1 | <V14.1.0.12 | 14.1.0.12
Teamcenter Visualization V14.2 | <V14.2.0.9 | 14.2.0.9
Teamcenter Visualization V14.3 | <V14.3.0.6 | 14.3.0.6
Remediation & Mitigation
Do now
HARDENING: Train users not to open CGM files from untrusted sources or unexpected locations
WORKAROUND: If updates cannot be applied immediately, restrict opening of CGM files from external sources until patched
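One way to apply the workaround at a mail or file-transfer gateway, as an added example (not part of the advisory or any Siemens tooling): identify CGM files by content as well as by extension, so a CGM file that arrives under another extension is still held. The function names, the trusted-source flag and the sample bytes are assumptions constructed for illustration; only the binary and clear-text CGM encodings are recognised.

```python
def cgm_encoding(data: bytes):
    """Return the CGM encoding suggested by the leading bytes, or None."""
    # Clear-text encoding opens with the BEGMF statement (case-insensitive).
    if data.lstrip(b" \t\r\n")[:5].upper() == b"BEGMF":
        return "clear-text"
    if len(data) >= 2:
        word = int.from_bytes(data[:2], "big")
        # Binary encoding: 16-bit command header = class(4) | element id(7) | length(5).
        # BEGIN METAFILE is class 0, id 1, so the top 11 bits equal 0x0020.
        # Two bytes is a weak signature: expect some false positives, which is
        # acceptable for a hold-and-review queue.
        if word & 0xFFE0 == 0x0020:
            return "binary"
    return None


def triage(name: str, data: bytes, trusted_source: bool) -> str:
    """Decide what to do with one inbound file (hypothetical policy)."""
    looks_like_cgm = cgm_encoding(data) is not None
    named_like_cgm = name.lower().endswith(".cgm")
    if not (looks_like_cgm or named_like_cgm):
        return "pass"          # not CGM by content or by name
    return "allow" if trusted_source else "quarantine"


# Constructed sample inputs (not real drawings).
BINARY_CGM = bytes([0x00, 0x25, 0x04]) + b"test" + b"\x00"  # BEGIN METAFILE "test"
CLEAR_CGM = b'BEGMF "drawing";\n'
PNG = b"\x89PNG\r\n\x1a\n"

SAMPLES = [
    ("housing.cgm", BINARY_CGM, False),      # external CGM
    ("bracket_rev3.jt", CLEAR_CGM, False),   # CGM content under another extension
    ("plant_layout.cgm", BINARY_CGM, True),  # internal, trusted source
    ("logo.png", PNG, False),                # unrelated file
    ("notes.cgm", b"hello", False),          # .cgm name, unrecognised content
]


def run_samples():
    return {name: triage(name, data, trusted) for name, data, trusted in SAMPLES}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{verdict:10} {name}")
```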
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
JT2Go
HOTFIX: Update JT2Go to version 14.3.0.6 or later
Teamcenter Visualization V13.3
HOTFIX: Update Teamcenter Visualization V13.3 to version 13.3.0.13 or later
Teamcenter Visualization V14.1
HOTFIX: Update Teamcenter Visualization V14.1 to version 14.1.0.12 or later
Teamcenter Visualization V14.2
HOTFIX: Update Teamcenter Visualization V14.2 to version 14.2.0.9 or later
Teamcenter Visualization V14.3
HOTFIX: Update Teamcenter Visualization V14.3 to version 14.3.0.6 or later