OTPulse

Multiple File Parsing Vulnerabilities in JTTK before V11.1.1.0 and JT Utilities before V13.1.1.0

Plan Patch | CVSS 7.8 | SSA-802578 | Dec 14, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

JT Open Toolkit (JTTK) and JT Utilities contain multiple memory-corruption vulnerabilities in their parsing of JT files. These include buffer overflow (CWE-787, CWE-125), out-of-bounds access (CWE-121, CWE-119, CWE-122), and use-after-free (CWE-416) conditions. A maliciously crafted JT file can trigger these flaws, causing an application crash or arbitrary code execution. Exploitation requires user interaction to open the malicious file.

What this means
What could happen
An attacker could trick an engineer into opening a malicious JT file, causing the design application to crash or potentially execute arbitrary commands on the workstation. This affects engineering workflows and could compromise design/configuration data if code execution occurs.
Who's at risk
Engineering workstations and design offices using Siemens JTTK or JT Utilities. This affects anyone who opens JT (Jupiter Tessellation) design files as part of product design, manufacturing engineering, or plant configuration work. Facilities that use Siemens CAD, PLM, or simulation tools that exchange JT files are at risk if workstations have not been patched.
How it could be exploited
An attacker crafts a malicious JT file and tricks an engineer into opening it with JTTK or JT Utilities (via email, file share, or social engineering). When the vulnerable application parses the file, memory corruption vulnerabilities in the JT file parsing code are triggered, causing a crash or allowing code execution in the context of the application.
Prerequisites
  • User interaction required: engineer must open a malicious JT file
  • JT Utilities or JTTK application must be installed
  • File must be opened from an untrusted source
  • User interaction required
  • Moderate EPSS score (0.9%)
  • Could lead to code execution on engineering workstation
  • Memory corruption vulnerabilities (buffer overflows, use-after-free)
Exploitability
Low exploit probability (EPSS 0.9%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
JT Utilities | < V13.1.1.0 | 13.1.1.0
JTTK | < V11.1.1.0 | 11.1.1.0
Remediation & Mitigation
Do now
WORKAROUND: Educate engineers to only open JT files from trusted sources and avoid opening files from unknown origins or unsolicited communications
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

JT Utilities
HOTFIX: Update JT Utilities to version 13.1.1.0 or later
JTTK
HOTFIX: Update JTTK to version 11.1.1.0 or later
Long-term hardening
HARDENING: Implement network controls to prevent direct email delivery of .jt files or require approval for opening such files
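
One way to implement the hardening step above at a mail gateway, as an added example (not OTPulse or Siemens code). It assumes the gateway passes each raw message to a Python hook; the function names and sample file names are hypothetical, and the sample message is constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = ".jt"  # extension named in the hardening step

def _is_jt(name):
    return bool(name) and name.strip().lower().endswith(BLOCKED_EXT)

def find_jt_attachments(raw_message):
    """Return names of .jt attachments, including members of ZIP attachments."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # body parts and multipart containers carry no file name
        if _is_jt(name):
            hits.append(name)
            continue
        payload = part.get_payload(decode=True) or b""
        # Detect ZIPs by content, not extension, so a renamed archive is still opened.
        if zipfile.is_zipfile(io.BytesIO(payload)):
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                hits += [f"{name}!{m}" for m in zf.namelist() if _is_jt(m)]
    return hits

def disposition(raw_message):
    hits = find_jt_attachments(raw_message)
    return ("quarantine" if hits else "deliver", hits)  # quarantine = hold for approval

def build_sample(attachments):
    """Constructed test message; file names and contents are made up."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    for name, data in attachments:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

def zip_with(member):  # constructed ZIP holding one placeholder member
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"constructed placeholder bytes")
    return buf.getvalue()

if __name__ == "__main__":
    print(disposition(build_sample([("drawings.zip", zip_with("asm/housing.jt"))])))
```

Matching is by file name only, so a .jt file renamed to another extension or nested inside a second archive level is not caught; the filter complements the updates to the fixed versions rather than replacing them.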
Multiple File Parsing Vulnerabilities in JTTK before V11.1.1.0 and JT Utilities before V13.1.1.0 | CVSS 7.8 - OTPulse