Search criteria
94 vulnerabilities found for Teamcenter Visualization V13.3 by Siemens
CVE-2023-51746 (GCVE-0-2023-51746)
Vulnerability from cvelistv5 – Published: 2024-01-09 10:00 – Updated: 2024-09-04 15:14
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T15:13:57.367529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:14:05.889Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:18.333Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51746",
"datePublished": "2024-01-09T10:00:18.333Z",
"dateReserved": "2023-12-22T11:30:22.672Z",
"dateUpdated": "2024-09-04T15:14:05.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51745 (GCVE-0-2023-51745)
Vulnerability from cvelistv5 – Published: 2024-01-09 10:00 – Updated: 2025-06-03 14:31
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51745",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:45:55.954048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:31:19.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:17.032Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51745",
"datePublished": "2024-01-09T10:00:17.032Z",
"dateReserved": "2023-12-22T11:30:22.671Z",
"dateUpdated": "2025-06-03T14:31:19.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51744 (GCVE-0-2023-51744)
Vulnerability from cvelistv5 – Published: 2024-01-09 10:00 – Updated: 2025-06-09 20:32
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51744",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T20:30:16.453695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T20:32:57.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:15.708Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51744",
"datePublished": "2024-01-09T10:00:15.708Z",
"dateReserved": "2023-12-22T11:30:22.671Z",
"dateUpdated": "2025-06-09T20:32:57.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51439 (GCVE-0-2023-51439)
Vulnerability from cvelistv5 – Published: 2024-01-09 10:00 – Updated: 2025-04-17 17:54
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:10.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-10T18:29:28.656739Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T17:54:26.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:14.394Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51439",
"datePublished": "2024-01-09T10:00:14.394Z",
"dateReserved": "2023-12-19T11:47:14.991Z",
"dateUpdated": "2025-04-17T17:54:26.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38076 (GCVE-0-2023-38076)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:28.851Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38076",
"datePublished": "2023-09-12T09:32:20.160Z",
"dateReserved": "2023-07-12T13:18:53.823Z",
"dateUpdated": "2024-08-02T17:30:13.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38075 (GCVE-0-2023-38075)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:27.558Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38075",
"datePublished": "2023-09-12T09:32:19.039Z",
"dateReserved": "2023-07-12T13:18:53.823Z",
"dateUpdated": "2024-08-02T17:30:13.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38074 (GCVE-0-2023-38074)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)
Severity ?
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:26.239Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38074",
"datePublished": "2023-09-12T09:32:17.948Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:14.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38073 (GCVE-0-2023-38073)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)
Severity ?
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:24.893Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38073",
"datePublished": "2023-09-12T09:32:16.855Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:14.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38072 (GCVE-0-2023-38072)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)
Severity ?
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:23.586Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38072",
"datePublished": "2023-09-12T09:32:15.739Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:13.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38071 (GCVE-0-2023-38071)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-11-25 21:17
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38071",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T21:17:44.338467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T21:17:56.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:22.297Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38071",
"datePublished": "2023-09-12T09:32:14.673Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-11-25T21:17:56.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38070 (GCVE-0-2023-38070)
Vulnerability from cvelistv5 – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:21.001Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38070",
"datePublished": "2023-09-12T09:32:13.603Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:14.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28830 (GCVE-0-2023-28830)
Vulnerability from cvelistv5 – Published: 2023-08-08 09:20 – Updated: 2024-10-23 19:49
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions < V13.3.0.11), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process.
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.5
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28830",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T19:48:40.205775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T19:49:54.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0 Update 13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0 Update 4"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.15"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Solid Edge SE2022 (All versions \u003c V222.0 Update 13), Solid Edge SE2023 (All versions \u003c V223.0 Update 4), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.15), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.11), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-08T09:20:17.760Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28830",
"datePublished": "2023-08-08T09:20:17.760Z",
"dateReserved": "2023-03-24T15:17:33.934Z",
"dateUpdated": "2024-10-23T19:49:54.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33124 (GCVE-0-2023-33124)
Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:37
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.3
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:36:55.445166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:37:31.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.0.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:17.687Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-33124",
"datePublished": "2023-06-13T08:17:17.687Z",
"dateReserved": "2023-05-17T13:17:47.573Z",
"dateUpdated": "2025-01-03T01:37:31.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33123 (GCVE-0-2023-33123)
Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:38
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.3
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:37:56.343806Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:38:42.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.0.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:16.585Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-33123",
"datePublished": "2023-06-13T08:17:16.585Z",
"dateReserved": "2023-05-17T13:17:47.573Z",
"dateUpdated": "2025-01-03T01:38:42.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33122 (GCVE-0-2023-33122)
Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:40
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.3
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:34.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:40:14.247239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:40:43.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.0.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:15.483Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-33122",
"datePublished": "2023-06-13T08:17:15.483Z",
"dateReserved": "2023-05-17T13:17:47.573Z",
"dateUpdated": "2025-01-03T01:40:43.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51746 (GCVE-0-2023-51746)
Vulnerability from nvd – Published: 2024-01-09 10:00 – Updated: 2024-09-04 15:14
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T15:13:57.367529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T15:14:05.889Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:18.333Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51746",
"datePublished": "2024-01-09T10:00:18.333Z",
"dateReserved": "2023-12-22T11:30:22.672Z",
"dateUpdated": "2024-09-04T15:14:05.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51745 (GCVE-0-2023-51745)
Vulnerability from nvd – Published: 2024-01-09 10:00 – Updated: 2025-06-03 14:31
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51745",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:45:55.954048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:31:19.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:17.032Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51745",
"datePublished": "2024-01-09T10:00:17.032Z",
"dateReserved": "2023-12-22T11:30:22.671Z",
"dateUpdated": "2025-06-03T14:31:19.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51744 (GCVE-0-2023-51744)
Vulnerability from nvd – Published: 2024-01-09 10:00 – Updated: 2025-06-09 20:32
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51744",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T20:30:16.453695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T20:32:57.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:15.708Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51744",
"datePublished": "2024-01-09T10:00:15.708Z",
"dateReserved": "2023-12-22T11:30:22.671Z",
"dateUpdated": "2025-06-09T20:32:57.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51439 (GCVE-0-2023-51439)
Vulnerability from nvd – Published: 2024-01-09 10:00 – Updated: 2025-04-17 17:54
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.6
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:10.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-10T18:29:28.656739Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T17:54:26.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.6), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.13), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.12), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.9), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:14.394Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51439",
"datePublished": "2024-01-09T10:00:14.394Z",
"dateReserved": "2023-12-19T11:47:14.991Z",
"dateUpdated": "2025-04-17T17:54:26.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38076 (GCVE-0-2023-38076)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:28.851Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38076",
"datePublished": "2023-09-12T09:32:20.160Z",
"dateReserved": "2023-07-12T13:18:53.823Z",
"dateUpdated": "2024-08-02T17:30:13.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38075 (GCVE-0-2023-38075)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:27.558Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38075",
"datePublished": "2023-09-12T09:32:19.039Z",
"dateReserved": "2023-07-12T13:18:53.823Z",
"dateUpdated": "2024-08-02T17:30:13.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38074 (GCVE-0-2023-38074)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)
Severity ?
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:26.239Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38074",
"datePublished": "2023-09-12T09:32:17.948Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:14.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38073 (GCVE-0-2023-38073)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)
Severity ?
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:24.893Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38073",
"datePublished": "2023-09-12T09:32:16.855Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:14.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38072 (GCVE-0-2023-38072)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)
Severity ?
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:23.586Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38072",
"datePublished": "2023-09-12T09:32:15.739Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:13.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38071 (GCVE-0-2023-38071)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-11-25 21:17
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38071",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T21:17:44.338467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T21:17:56.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:22.297Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38071",
"datePublished": "2023-09-12T09:32:14.673Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-11-25T21:17:56.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38070 (GCVE-0-2023-38070)
Vulnerability from nvd – Published: 2023-09-12 09:32 – Updated: 2024-08-02 17:30
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.3.0.1
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.3.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2201",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2201.0010"
}
]
},
{
"defaultStatus": "unknown",
"product": "Tecnomatix Plant Simulation V2302",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2302.0004"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.3.0.1), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.6), Teamcenter Visualization V14.3 (All versions \u003c V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions \u003c V2201.0010), Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0004). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T11:03:21.001Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38070",
"datePublished": "2023-09-12T09:32:13.603Z",
"dateReserved": "2023-07-12T13:18:53.822Z",
"dateUpdated": "2024-08-02T17:30:14.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28830 (GCVE-0-2023-28830)
Vulnerability from nvd – Published: 2023-08-08 09:20 – Updated: 2024-10-23 19:49
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions < V13.3.0.11), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process.
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.5
|
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28830",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T19:48:40.205775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T19:49:54.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2022",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V222.0 Update 13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Solid Edge SE2023",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V223.0 Update 4"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.15"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Solid Edge SE2022 (All versions \u003c V222.0 Update 13), Solid Edge SE2023 (All versions \u003c V223.0 Update 4), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.15), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.11), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-08T09:20:17.760Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28830",
"datePublished": "2023-08-08T09:20:17.760Z",
"dateReserved": "2023-03-24T15:17:33.934Z",
"dateUpdated": "2024-10-23T19:49:54.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33124 (GCVE-0-2023-33124)
Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:37
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.3
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:36:55.445166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:37:31.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.0.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:17.687Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-33124",
"datePublished": "2023-06-13T08:17:17.687Z",
"dateReserved": "2023-05-17T13:17:47.573Z",
"dateUpdated": "2025-01-03T01:37:31.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33123 (GCVE-0-2023-33123)
Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:38
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.3
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:37:56.343806Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:38:42.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.0.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:16.585Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-33123",
"datePublished": "2023-06-13T08:17:16.585Z",
"dateReserved": "2023-05-17T13:17:47.573Z",
"dateUpdated": "2025-01-03T01:38:42.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33122 (GCVE-0-2023-33122)
Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:40
VLAI?
Summary
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V14.2.0.3
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:34.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:40:14.247239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:40:43.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.0.13"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V13.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.0.0.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.1.0.8"
}
]
},
{
"defaultStatus": "unknown",
"product": "Teamcenter Visualization V14.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14.2.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:15.483Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-33122",
"datePublished": "2023-06-13T08:17:15.483Z",
"dateReserved": "2023-05-17T13:17:47.573Z",
"dateUpdated": "2025-01-03T01:40:43.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}