Datalogics File Parsing Vulnerability in Teamcenter Visualization and JT2Go

Plan Patch7.8SSA-829738Jul 12, 2022

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

An out-of-bounds write vulnerability exists in the Datalogics APDFL PDF parsing library used by Siemens Teamcenter Visualization and JT2Go. Opening a malicious PDF file in these applications could cause the application to crash or allow arbitrary code execution. Siemens has released patched versions: JT2Go version 13.3.0.5 or later, Teamcenter Visualization V13.3 version 13.3.0.5 or later, and Teamcenter Visualization V14.0 version 14.0.0.2 or later.

What this means

What could happen

An attacker could craft a malicious PDF file that, when opened by an engineer in Teamcenter Visualization or JT2Go, causes the application to crash or executes arbitrary code on the engineering workstation with the user's privileges.

Who's at risk

This affects design engineers and CAD operators at manufacturing facilities, utilities, and large industrial plants who use Teamcenter Visualization or JT2Go for 3D model and technical document review. It is particularly relevant for organizations managing critical infrastructure asset design and configuration, such as electric utilities and water authorities that use these tools for equipment specification and engineering documentation.

How it could be exploited

An attacker creates a specially crafted PDF with an out-of-bounds write flaw in the PDF parsing library. When a design engineer opens this PDF in Teamcenter Visualization or JT2Go, the vulnerability allows the attacker to run code on the workstation. This could be delivered via email or by placing it on a shared file system where engineers typically access design documents.

Prerequisites

User must open a malicious PDF file in Teamcenter Visualization or JT2Go
User interaction required (engineer clicks to open file)
No special network access or credentials needed

User interaction requiredAffects engineering workstationsCould lead to code execution on design systemPatch available from vendor

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

JT2Go< V13.3.0.513.3.0.5

Teamcenter Visualization V13.3< V13.3.0.513.3.0.5

Teamcenter Visualization V14.0< V14.0.0.214.0.0.2

Remediation & Mitigation

0/5

Do now

0/1

HARDENINGAdvise engineering staff not to open PDF files from untrusted sources or unexpected emails, especially if requesting design reviews or collaboration

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

JT2Go

HOTFIXUpdate JT2Go to version 13.3.0.5 or later

Teamcenter Visualization V13.3

HOTFIXUpdate Teamcenter Visualization V13.3 to version 13.3.0.5 or later

Teamcenter Visualization V14.0

HOTFIXUpdate Teamcenter Visualization V14.0 to version 14.0.0.2 or later

Long-term hardening

0/1

HARDENINGRestrict file-open dialog and shared folder access to trusted, monitored locations only

CVEs (1)

CVE-2022-2069

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/af3589a3-58e1-407c-a40b-9f3b2c43b6f9