Multiple vulnerabilities in Siemens JT2Go and Teamcenter Visualization
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2022-29028 CVE-2022-29029 CVE-2022-29030 CVE-2022-29031 CVE-2022-29032 CVE-2022-29033 |
| CWE-ID | CWE-835 CWE-476 CWE-190 CWE-415 CWE-824 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Teamcenter Visualization Other software / Other software solutions JT2Go Server applications / Virtualization software |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Infinite loop
EUVDB-ID: #VU63115
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29028
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in Tiff_Loader.dll. A remote attacker can use specially crafted TIFF file, consume all available system resources and cause denial of service conditions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.0
JT2Go: before 13.3.0.3
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-553086.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) NULL pointer dereference
EUVDB-ID: #VU63119
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29029
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the CGM_NIST_Loader.dll. A remote attacker can use a specially crafted CGM file and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.0
JT2Go: before 13.3.0.3
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-553086.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Integer overflow
EUVDB-ID: #VU63121
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29030
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in the Mono_Loader.dll library. A remote attacker can use a specially crafted TG4 file, trigger integer overflow and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.0
JT2Go: before 13.3.0.3
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-553086.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) NULL pointer dereference
EUVDB-ID: #VU63122
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29031
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the CGM_NIST_Loader.dll. A remote attacker can use a specially crafted CGM file and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.0
JT2Go: before 13.3.0.3
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-553086.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Double Free
EUVDB-ID: #VU63123
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29032
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the CGM_NIST_Loader.dll library. A remote attacker can use a specially crafted CGM file, trigger double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.0
JT2Go: before 13.3.0.3
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-553086.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Access of Uninitialized Pointer
EUVDB-ID: #VU63124
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29033
CWE-ID:
CWE-824 - Access of Uninitialized Pointer
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to access of uninitialized pointer in the CGM_NIST_Loader.dll library. A remote attacker can use a specially crafted CGM file and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.0
JT2Go: before 13.3.0.3
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-553086.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
