Multiple vulnerabilities in Siemens JT2Go and Teamcenter Visualization



Published: 2022-05-12
Risk High
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2022-29028
CVE-2022-29029
CVE-2022-29030
CVE-2022-29031
CVE-2022-29032
CVE-2022-29033
CWE-ID CWE-835
CWE-476
CWE-190
CWE-415
CWE-824
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Teamcenter Visualization
Other software / Other software solutions

JT2Go
Server applications / Virtualization software

Vendor Siemens

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Infinite loop

EUVDB-ID: #VU63115

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29028

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in Tiff_Loader.dll. A remote attacker can use specially crafted TIFF file, consume all available system resources and cause denial of service conditions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Teamcenter Visualization: 13.3 - 14.0

JT2Go: before 13.3.0.3


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-553086.txt

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) NULL pointer dereference

EUVDB-ID: #VU63119

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29029

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the CGM_NIST_Loader.dll. A remote attacker can use a specially crafted CGM file and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Teamcenter Visualization: 13.3 - 14.0

JT2Go: before 13.3.0.3


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-553086.txt

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Integer overflow

EUVDB-ID: #VU63121

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29030

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in the Mono_Loader.dll library. A remote attacker can use a specially crafted TG4 file, trigger integer overflow and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Teamcenter Visualization: 13.3 - 14.0

JT2Go: before 13.3.0.3


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-553086.txt

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) NULL pointer dereference

EUVDB-ID: #VU63122

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29031

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the CGM_NIST_Loader.dll. A remote attacker can use a specially crafted CGM file and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Teamcenter Visualization: 13.3 - 14.0

JT2Go: before 13.3.0.3


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-553086.txt

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Double Free

EUVDB-ID: #VU63123

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-29032

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the CGM_NIST_Loader.dll library. A remote attacker can use a specially crafted CGM file, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Teamcenter Visualization: 13.3 - 14.0

JT2Go: before 13.3.0.3


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-553086.txt

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Access of Uninitialized Pointer

EUVDB-ID: #VU63124

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-29033

CWE-ID: CWE-824 - Access of Uninitialized Pointer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to access of uninitialized pointer in the CGM_NIST_Loader.dll library. A remote attacker can use a specially crafted CGM file and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Teamcenter Visualization: 13.3 - 14.0

JT2Go: before 13.3.0.3


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-553086.txt

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###