Multiple vulnerabilities in Siemens Teamcenter Visualization and JT2Go
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2023-51439 CVE-2023-51744 CVE-2023-51745 CVE-2023-51746 |
| CWE-ID | CWE-125 CWE-476 CWE-121 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Teamcenter Visualization Other software / Other software solutions JT2Go Server applications / Virtualization software |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU85251
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-51439
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition while parsing specially crafted CGM files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.3
JT2Go: before 14.3.0.6
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) NULL pointer dereference
EUVDB-ID: #VU85252
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-51744
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error while parsing specially crafted CGM files. A remote attacker can trick a victim to open a specially crafted CGM file and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.3
JT2Go: before 14.3.0.6
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU85253
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-51745
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error while parsing specially crafted CGM files. A remote unauthenticated attacker can trick a victim to open a specially crafted file, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.3
JT2Go: before 14.3.0.6
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Stack-based buffer overflow
EUVDB-ID: #VU85254
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-51746
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error while parsing specially crafted CGM files. A remote unauthenticated attacker can trick a victim to open a specially crafted file, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsTeamcenter Visualization: 13.3 - 14.3
JT2Go: before 14.3.0.6
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
