JT File Parsing Vulnerabilities in JT Open, JT Utilities and Solid Edge

Plan Patch7.8SSA-936212Jan 10, 2023

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

JT Open Toolkit, JT Utilities, and Solid Edge contain memory corruption vulnerabilities (out-of-bounds write, use-after-free, buffer overflow) that can be triggered by parsing malicious JT files. Affected versions: JT Open < 11.1.1.0, JT Utilities < 13.1.1.0, Solid Edge < 2023. If a user opens a crafted JT file, the application may crash or allow arbitrary code execution with user privileges.

What this means

What could happen

An attacker could trick a user into opening a malicious JT file, causing the application to crash, lose work, or potentially execute arbitrary code on the engineering workstation. This could compromise the integrity of design files or CAD systems used in manufacturing and process control.

Who's at risk

Engineering and design teams using Siemens CAD and file-parsing tools should care. This affects Solid Edge (mechanical CAD), JT Open (open file format toolkit used in PLM systems), and JT Utilities (file conversion and batch processing). Any organization using these tools for manufacturing design, equipment documentation, or process control system design is at risk if malicious files are received from suppliers, partners, or untrusted sources.

How it could be exploited

An attacker creates a malicious JT file and sends it to an engineer or technician (via email, shared drive, or procurement documents). When the user opens the file in JT Open, JT Utilities, or Solid Edge, the memory corruption vulnerability is triggered during parsing, crashing the application or allowing code execution with the user's privileges.

Prerequisites

User must open or import a malicious JT file
Vulnerable version of JT Open, JT Utilities, or Solid Edge must be installed
Local system access to the engineering workstation

Local user interaction required (file open)Low complexity attackAffects engineering workstations and design systemsCVSS 7.8 (high)

Exploitability

Low exploit probability (EPSS 0.6%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

JT Open< V11.1.1.011.1.1.0

JT Utilities< V13.1.1.013.1.1.0

Solid Edge< V20232023

Remediation & Mitigation

0/6

Do now

0/1

WORKAROUNDDisable or restrict file associations for JT files until patching is complete, or disable JT import functionality if not required

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

JT Open

HOTFIXUpdate JT Open to version 11.1.1.0 or later

JT Utilities

HOTFIXUpdate JT Utilities to version 13.1.1.0 or later

Solid Edge

HOTFIXUpdate Solid Edge to version 2023 or later

Long-term hardening

0/2

HARDENINGImplement network controls to block suspicious JT files at email gateways and file-sharing systems

HARDENINGTrain users not to open JT files from untrusted sources (external vendors, unsolicited emails)

CVEs (3)

CVE-2021-44002 CVE-2021-44014 CVE-2022-47935

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/0034a02d-e704-4b10-a5de-3466bf9a5fe4