Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-26992 (GCVE-0-2020-26992)
Vulnerability from cvelistv5 – Published: 2021-01-12 20:18 – Updated: 2024-08-04 16:03
VLAI?
EPSS
Summary
A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.
Severity ?
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Affected:
All versions < V13.1.0
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:03:23.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.1.0"
}
]
},
{
"product": "Teamcenter Visualization",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-19T13:51:24",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-26992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13.1.0"
}
]
}
},
{
"product_name": "Teamcenter Visualization",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13.1.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-26992",
"datePublished": "2021-01-12T20:18:35",
"dateReserved": "2020-10-12T00:00:00",
"dateUpdated": "2024-08-04T16:03:23.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"13.1.0\", \"matchCriteriaId\": \"307FDFE4-A801-4978-8903-BC38ED035927\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"13.1.0\", \"matchCriteriaId\": \"30E90A52-9FD9-450A-8003-9F6C451E0823\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.1.0), Teamcenter Visualization (Todas las versiones anteriores a V13.1.0). Las aplicaciones afectadas carecen de una comprobaci\\u00f3n apropiada de los datos proporcionados por el usuario al analizar archivos CGM. Esto podr\\u00eda conllevar a un desbordamiento del b\\u00fafer en la regi\\u00f3n stack de la memoria al intentar copiar en un b\\u00fafer durante el manejo de la cadena de fuentes. Un atacante podr\\u00eda aprovechar esta vulnerabilidad para ejecutar c\\u00f3digo en el contexto del proceso actual\"}]",
"id": "CVE-2020-26992",
"lastModified": "2024-11-21T05:20:38.580",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2021-01-12T21:15:17.387",
"references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-121\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-26992\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2021-01-12T21:15:17.387\",\"lastModified\":\"2024-11-21T05:20:38.580\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.1.0), Teamcenter Visualization (Todas las versiones anteriores a V13.1.0). Las aplicaciones afectadas carecen de una comprobaci\u00f3n apropiada de los datos proporcionados por el usuario al analizar archivos CGM. Esto podr\u00eda conllevar a un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria al intentar copiar en un b\u00fafer durante el manejo de la cadena de fuentes. Un atacante podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"13.1.0\",\"matchCriteriaId\":\"307FDFE4-A801-4978-8903-BC38ED035927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"13.1.0\",\"matchCriteriaId\":\"30E90A52-9FD9-450A-8003-9F6C451E0823\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-018
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | Les commutateurs de la famille SCALANCE X-200IRT (inclus les variants SIPLUSNET) | ||
| Siemens | N/A | Les commutateurs de la famille SCALANCE X-300 (inclus les variants X408 et SIPLUS NET) versions antérieures à V4.1.0 | ||
| Siemens | N/A | Solid Edge versions antérieures à SE2021MP2 | ||
| Siemens | N/A | T2Go versions antérieures à V13.1.0 | ||
| Siemens | N/A | Teamcenter Visualization versions antérieures à V13.1.0 (cette version reste vulnérable aux vulnérabilités CVE-2020-26989, CVE-2020-26990 et CVE-2020-26991) | ||
| Siemens | N/A | Les commutateurs de la famille SCALANCE X-200 (inclus les variants SIPLUSNET) |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Les commutateurs de la famille SCALANCE X-200IRT (inclus les variants SIPLUSNET)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Les commutateurs de la famille SCALANCE X-300 (inclus les variants X408 et SIPLUS NET) versions ant\u00e9rieures \u00e0 V4.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge versions ant\u00e9rieures \u00e0 SE2021MP2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "T2Go versions ant\u00e9rieures \u00e0 V13.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization versions ant\u00e9rieures \u00e0 V13.1.0 (cette version reste vuln\u00e9rable aux vuln\u00e9rabilit\u00e9s CVE-2020-26989, CVE-2020-26990 et CVE-2020-26991)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Les commutateurs de la famille SCALANCE X-200 (inclus les variants SIPLUSNET)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-25226",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25226"
},
{
"name": "CVE-2020-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26996"
},
{
"name": "CVE-2020-26984",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26984"
},
{
"name": "CVE-2020-26983",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26983"
},
{
"name": "CVE-2020-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26989"
},
{
"name": "CVE-2020-26988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26988"
},
{
"name": "CVE-2020-28381",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28381"
},
{
"name": "CVE-2020-28382",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28382"
},
{
"name": "CVE-2020-28383",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28383"
},
{
"name": "CVE-2020-28384",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28384"
},
{
"name": "CVE-2020-26994",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26994"
},
{
"name": "CVE-2020-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26987"
},
{
"name": "CVE-2020-15800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15800"
},
{
"name": "CVE-2020-15799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15799"
},
{
"name": "CVE-2020-26985",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26985"
},
{
"name": "CVE-2020-26991",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26991"
},
{
"name": "CVE-2020-26986",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26986"
},
{
"name": "CVE-2020-28395",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28395"
},
{
"name": "CVE-2020-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26982"
},
{
"name": "CVE-2020-26981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26981"
},
{
"name": "CVE-2020-26995",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26995"
},
{
"name": "CVE-2020-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26992"
},
{
"name": "CVE-2020-28391",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28391"
},
{
"name": "CVE-2020-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26990"
},
{
"name": "CVE-2020-26993",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26993"
},
{
"name": "CVE-2020-26980",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26980"
},
{
"name": "CVE-2020-28386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28386"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-018",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-274900 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-622830 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-139628 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-979834 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979834.pdf"
}
]
}
CERTFR-2021-AVI-018
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | Les commutateurs de la famille SCALANCE X-200IRT (inclus les variants SIPLUSNET) | ||
| Siemens | N/A | Les commutateurs de la famille SCALANCE X-300 (inclus les variants X408 et SIPLUS NET) versions antérieures à V4.1.0 | ||
| Siemens | N/A | Solid Edge versions antérieures à SE2021MP2 | ||
| Siemens | N/A | T2Go versions antérieures à V13.1.0 | ||
| Siemens | N/A | Teamcenter Visualization versions antérieures à V13.1.0 (cette version reste vulnérable aux vulnérabilités CVE-2020-26989, CVE-2020-26990 et CVE-2020-26991) | ||
| Siemens | N/A | Les commutateurs de la famille SCALANCE X-200 (inclus les variants SIPLUSNET) |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Les commutateurs de la famille SCALANCE X-200IRT (inclus les variants SIPLUSNET)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Les commutateurs de la famille SCALANCE X-300 (inclus les variants X408 et SIPLUS NET) versions ant\u00e9rieures \u00e0 V4.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge versions ant\u00e9rieures \u00e0 SE2021MP2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "T2Go versions ant\u00e9rieures \u00e0 V13.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization versions ant\u00e9rieures \u00e0 V13.1.0 (cette version reste vuln\u00e9rable aux vuln\u00e9rabilit\u00e9s CVE-2020-26989, CVE-2020-26990 et CVE-2020-26991)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Les commutateurs de la famille SCALANCE X-200 (inclus les variants SIPLUSNET)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-25226",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25226"
},
{
"name": "CVE-2020-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26996"
},
{
"name": "CVE-2020-26984",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26984"
},
{
"name": "CVE-2020-26983",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26983"
},
{
"name": "CVE-2020-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26989"
},
{
"name": "CVE-2020-26988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26988"
},
{
"name": "CVE-2020-28381",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28381"
},
{
"name": "CVE-2020-28382",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28382"
},
{
"name": "CVE-2020-28383",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28383"
},
{
"name": "CVE-2020-28384",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28384"
},
{
"name": "CVE-2020-26994",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26994"
},
{
"name": "CVE-2020-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26987"
},
{
"name": "CVE-2020-15800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15800"
},
{
"name": "CVE-2020-15799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15799"
},
{
"name": "CVE-2020-26985",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26985"
},
{
"name": "CVE-2020-26991",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26991"
},
{
"name": "CVE-2020-26986",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26986"
},
{
"name": "CVE-2020-28395",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28395"
},
{
"name": "CVE-2020-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26982"
},
{
"name": "CVE-2020-26981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26981"
},
{
"name": "CVE-2020-26995",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26995"
},
{
"name": "CVE-2020-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26992"
},
{
"name": "CVE-2020-28391",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28391"
},
{
"name": "CVE-2020-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26990"
},
{
"name": "CVE-2020-26993",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26993"
},
{
"name": "CVE-2020-26980",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26980"
},
{
"name": "CVE-2020-28386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28386"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-018",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-274900 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-274900.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-622830 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-139628 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-979834 du 12 janvier 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979834.pdf"
}
]
}
SSA-622830
Vulnerability from csaf_siemens - Published: 2021-01-12 00:00 - Updated: 2021-05-17 00:00Summary
SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0
Notes
Summary
Siemens has released version V13.1.0 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (JT, XML, CG4, CGM, PDF, RGB, SGI, TGA, PAR, PCX). If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution or data extraction on the target host system.
Siemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products. Please refer to SSA-663999 [0] and SSA-695540 [1] for further information regarding later version updates.
Note: Previous versions of this advisory also contained the vulnerabilities CVE-2020-26989, CVE-2020-26990, and CVE-2020-28383 (now addressed in [0]) and CVE-2020-26991 (now addressed in [1]).
[0] https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf
[1] https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"acknowledgments": [
{
"organization": "Trend Micro Zero Day Initiative",
"summary": "coordinated disclosure of CVE-2020-26980 through CVE-2020-26991, CVE-2020-26995, CVE-2020-26996 and CVE-2020-28383"
},
{
"names": [
"Carsten Eiram"
],
"organization": "Risk Based Security",
"summary": "coordinated disclosure of CVE-2020-26992, CVE-2020-26993, CVE-2020-26980 and CVE-2020-26986"
},
{
"organization": "Cybersecurity and Infrastructure Security Agency (CISA)",
"summary": "coordination efforts"
}
],
"category": "Siemens Security Advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited.",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Siemens has released version V13.1.0 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (JT, XML, CG4, CGM, PDF, RGB, SGI, TGA, PAR, PCX). If a user is tricked to opening of a malicious file with the affected products, this could lead to application crash, or potentially arbitrary code execution or data extraction on the target host system.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products. Please refer to SSA-663999 [0] and SSA-695540 [1] for further information regarding later version updates.\n\nNote: Previous versions of this advisory also contained the vulnerabilities CVE-2020-26989, CVE-2020-26990, and CVE-2020-28383 (now addressed in [0]) and CVE-2020-26991 (now addressed in [1]).\n\n[0] https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf\n\n[1] https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"category": "self",
"summary": "SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-622830.txt"
},
{
"category": "self",
"summary": "SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-622830.json"
}
],
"title": "SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0",
"tracking": {
"current_release_date": "2021-05-17T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-622830",
"initial_release_date": "2021-01-12T00:00:00Z",
"revision_history": [
{
"date": "2021-01-12T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2021-02-09T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Included fix information for CVE-2020-26989, CVE-2020-26990 and CVE-2020-26991, and reference to new advisory SSA-663999"
},
{
"date": "2021-05-17T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Moved vulnerabilities CVE-2020-26989, CVE-2020-26990, and CVE-2020-28383 to advisory SSA-663999; moved CVE-2020-26991 to SSA-695540"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V13.1.0",
"product": {
"name": "JT2Go",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "JT2Go"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V13.1.0",
"product": {
"name": "Teamcenter Visualization",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-26980",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing JT files. A crafted JT file could trigger a type confusion condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11881)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26980 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26980 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26980.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26980"
},
{
"cve": "CVE-2020-26981",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "summary",
"text": "When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26981 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26981 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26981.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26981"
},
{
"cve": "CVE-2020-26982",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CG4 and CGM files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11898)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26982 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26982 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26982.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26982"
},
{
"cve": "CVE-2020-26983",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11900)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26983 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26983 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26983.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26983"
},
{
"cve": "CVE-2020-26984",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of JT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11972)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26984 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26984 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26984.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26984"
},
{
"cve": "CVE-2020-26985",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11986, ZDI-CAN-11994)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26985 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26985 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26985.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26985"
},
{
"cve": "CVE-2020-26986",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of JT files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12014)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26986 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26986 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26986.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26986"
},
{
"cve": "CVE-2020-26987",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12016, ZDI-CAN-12017)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26987 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26987 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26987.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26987"
},
{
"cve": "CVE-2020-26988",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11891)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26988 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26988 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26988.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26988"
},
{
"cve": "CVE-2020-26992",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26992 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26992 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26992.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26992"
},
{
"cve": "CVE-2020-26993",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer in the font index handling function. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26993 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26993 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26993.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26993"
},
{
"cve": "CVE-2020-26994",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of PCX files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26994 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26994 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26994.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26994"
},
{
"cve": "CVE-2020-26995",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of SGI and RGB files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11992)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26995 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26995 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26995.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26995"
},
{
"cve": "CVE-2020-26996",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing of CG4 files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12027)",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"references": [
{
"summary": "CVE-2020-26996 - JT2Go",
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"summary": "CVE-2020-26996 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-26996.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"1"
],
"url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
},
{
"category": "vendor_fix",
"details": "Update to V13.1.0 or later version",
"product_ids": [
"2"
]
},
{
"category": "mitigation",
"details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2020-26996"
}
]
}
VAR-202101-0353
Vulnerability from variot - Updated: 2023-12-18 11:28A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process. JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML and existing JT, VFZ, CGM, TIF data. Teamcenter visualization software enables companies to enhance their product lifecycle management (PLM) environment. The software enables corporate users to access documents, 2D drawings and 3D models in a single environment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-0353",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jt2go",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "13.1.0"
},
{
"model": "teamcenter visualization",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "13.1.0"
},
{
"model": "teamcenter visualization",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": "13.1.0"
},
{
"model": "jt2go",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "jt2go",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13.1.0"
},
{
"model": "teamcenter visualization",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v13.1.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "NVD",
"id": "CVE-2020-26992"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-26992"
}
]
},
"cve": "CVE-2020-26992",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-26992",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-02579",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-26992",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-26992",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2021-02579",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-843",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process. JT2Go and Teamcenter Visualization Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML and existing JT, VFZ, CGM, TIF data. Teamcenter visualization software enables companies to enhance their product lifecycle management (PLM) environment. The software enables corporate users to access documents, 2D drawings and 3D models in a single environment",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "CNVD",
"id": "CNVD-2021-02579"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-26992",
"trust": 3.0
},
{
"db": "SIEMENS",
"id": "SSA-622830",
"trust": 2.2
},
{
"db": "JVN",
"id": "JVNVU91685542",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-02579",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-012-03",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0125",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202101-843",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"id": "VAR-202101-0353",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
}
],
"trust": 0.75799868
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
}
]
},
"last_update_date": "2023-12-18T11:28:33.849000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-622830",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"title": "Patch for JT2Go and Teamcenter Visualization stack buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/243973"
},
{
"title": "Siemens JTGo Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=139355"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "NVD",
"id": "CVE-2020-26992"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26992"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91685542/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-012-03"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0125/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"date": "2021-09-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"date": "2021-01-12T21:15:17.387000",
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"date": "2021-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-02579"
},
{
"date": "2021-09-15T08:31:00",
"db": "JVNDB",
"id": "JVNDB-2020-015256"
},
{
"date": "2021-02-23T00:11:20.560000",
"db": "NVD",
"id": "CVE-2020-26992"
},
{
"date": "2021-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "JT2Go\u00a0 and \u00a0Teamcenter\u00a0Visualization\u00a0 Out-of-bounds Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015256"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-843"
}
],
"trust": 0.6
}
}
GSD-2020-26992
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-26992",
"description": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"id": "GSD-2020-26992"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-26992"
],
"details": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"id": "GSD-2020-26992",
"modified": "2023-12-13T01:22:08.594031Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-26992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13.1.0"
}
]
}
},
{
"product_name": "Teamcenter Visualization",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13.1.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-26992"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-02-23T00:11Z",
"publishedDate": "2021-01-12T21:15Z"
}
}
}
FKIE_CVE-2020-26992
Vulnerability from fkie_nvd - Published: 2021-01-12 21:15 - Updated: 2024-11-21 05:20
Severity ?
Summary
A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | jt2go | * | |
| siemens | teamcenter_visualization | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "307FDFE4-A801-4978-8903-BC38ED035927",
"versionEndExcluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30E90A52-9FD9-450A-8003-9F6C451E0823",
"versionEndExcluding": "13.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT2Go (All versions \u003c V13.1.0), Teamcenter Visualization (All versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.1.0), Teamcenter Visualization (Todas las versiones anteriores a V13.1.0). Las aplicaciones afectadas carecen de una comprobaci\u00f3n apropiada de los datos proporcionados por el usuario al analizar archivos CGM. Esto podr\u00eda conllevar a un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria al intentar copiar en un b\u00fafer durante el manejo de la cadena de fuentes. Un atacante podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual"
}
],
"id": "CVE-2020-26992",
"lastModified": "2024-11-21T05:20:38.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-12T21:15:17.387",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ICSA-21-012-03
Vulnerability from csaf_cisa - Published: 2021-01-12 00:00 - Updated: 2021-05-27 00:00Summary
Siemens JT2Go and Teamcenter Visualization (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could lead to arbitrary code execution.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
{
"document": {
"acknowledgments": [
{
"names": [
"Francis Provencher (PRL)",
"rgod"
],
"organization": "Trend Micro \u0027s Zero Day Initiative",
"summary": "reporting these vulnerabilities"
},
{
"names": [
"Carsten Eiram"
],
"organization": "Risk Based Security",
"summary": "reporting these vulnerabilities"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could lead to arbitrary code execution.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-012-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-012-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-012-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-012-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens JT2Go and Teamcenter Visualization (Update B)",
"tracking": {
"current_release_date": "2021-05-27T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-012-03",
"initial_release_date": "2021-01-12T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-01-12T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-012-03 Siemens JT2Go "
},
{
"date": "2021-02-09T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-21-012-03 Siemens JT2Go and Teamcenter (Update A)"
},
{
"date": "2021-05-27T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-21-012-03 Siemens JT2Go and Teamcenter (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 13.1.0",
"product": {
"name": "JT2Go: All versions prior to v13.1.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "JT2Go"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 13.1.0",
"product": {
"name": "Teamcenter Visualization: All versions prior to v13.1.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization"
},
{
"branches": [
{
"category": "product_version",
"name": "13.1.0 (Only affected by CVE-2020-26989 CVE-2020-26990 CVE-2020-26991)",
"product": {
"name": "JT2Go: Version 13.1.0. only affected by CVE-2020-26989 CVE-2020-26990 CVE-2020-26991",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "JT2Go"
},
{
"branches": [
{
"category": "product_version",
"name": "13.1.0 (Only affected by CVE-2020-26989 CVE-2020-26990 CVE-2020-26991)",
"product": {
"name": "Teamcenter Visualization: Version 13.1.0 only affected by CVE-2020-26989 CVE-2020-26990 CVE-2020-26991",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Teamcenter Visualization"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-26980",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing JT files. A crafted JT file can trigger a type of confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. CVE-2020-26980 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26980"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26981",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "summary",
"text": "When opening a specially crafted XML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD. CVE-2020-26981 has been assigned to this vulnerability. A CVSS v3 base score of 5.6 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26981"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26982",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CG4 and CGM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26982 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26982"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26983",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing PDF files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26983 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26983"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26984",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing JT files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26984 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26984"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26985",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26985 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26985"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26986",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing JT files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26986 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26986"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26987",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing TGA files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26987 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26987"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26988",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26988 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26988"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26992",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26992 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26992"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26993",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font index handling. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26993 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26993"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26994",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing PCX files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26994 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26994"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26995",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing SGI and RGB files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26995 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26995"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2020-26996",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Affected applications lack proper validation of user-supplied data when parsing CG4 files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. CVE-2020-26996 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26996"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends the following:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
},
{
"category": "vendor_fix",
"details": "For additional information refer to SSA-622830,SSA-663999,and SSA-695540",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-695540.pdf"
},
{
"category": "vendor_fix",
"details": "Siemens strongly recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for Industrial Security and follow the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/operational-guidelines%20industrial-security"
},
{
"category": "vendor_fix",
"details": "Additional information on industrial security by Siemens can be found at: https://www.siemens.com/Industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/Industrialsecurity"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
CNVD-2021-02579
Vulnerability from cnvd - Published: 2021-01-13
VLAI Severity ?
Title
JT2Go and Teamcenter Visualization堆栈缓冲区溢出漏洞
Description
JT2Go是一个3D JT查看工具,允许用户查看JT,PDF,Solid Edge,PLM XML与现有的JT,VFZ、CGM、TIF数据。Teamcenter可视化软件使企业能够增强他们的产品生命周期管理(PLM)环境,该软件使企业用户能够在单一环境中访问文档、2D图纸和3D模型。
JT2Go and Teamcenter Visualization堆栈缓冲区溢出漏洞,攻击者可以利用此漏洞在当前进程的上下文中执行代码。
Severity
高
Patch Name
JT2Go and Teamcenter Visualization堆栈缓冲区溢出漏洞的补丁
Patch Description
JT2Go是一个3D JT查看工具,允许用户查看JT,PDF,Solid Edge,PLM XML与现有的JT,VFZ、CGM、TIF数据。Teamcenter可视化软件使企业能够增强他们的产品生命周期管理(PLM)环境,该软件使企业用户能够在单一环境中访问文档、2D图纸和3D模型。
JT2Go and Teamcenter Visualization堆栈缓冲区溢出漏洞,攻击者可以利用此漏洞在当前进程的上下文中执行代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布相关漏洞补丁链接,请及时更新: https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf
Reference
https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf
Impacted products
| Name | ['SIEMENS JT2Go <V13.1.0', 'SIEMENS Teamcenter Visualization <V13.1.0'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-26992"
}
},
"description": "JT2Go\u662f\u4e00\u4e2a3D JT\u67e5\u770b\u5de5\u5177\uff0c\u5141\u8bb8\u7528\u6237\u67e5\u770bJT\uff0cPDF\uff0cSolid Edge\uff0cPLM XML\u4e0e\u73b0\u6709\u7684JT\uff0cVFZ\u3001CGM\u3001TIF\u6570\u636e\u3002Teamcenter\u53ef\u89c6\u5316\u8f6f\u4ef6\u4f7f\u4f01\u4e1a\u80fd\u591f\u589e\u5f3a\u4ed6\u4eec\u7684\u4ea7\u54c1\u751f\u547d\u5468\u671f\u7ba1\u7406(PLM)\u73af\u5883\uff0c\u8be5\u8f6f\u4ef6\u4f7f\u4f01\u4e1a\u7528\u6237\u80fd\u591f\u5728\u5355\u4e00\u73af\u5883\u4e2d\u8bbf\u95ee\u6587\u6863\u30012D\u56fe\u7eb8\u548c3D\u6a21\u578b\u3002\n\nJT2Go and Teamcenter Visualization\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u5f53\u524d\u8fdb\u7a0b\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u76f8\u5173\u6f0f\u6d1e\u8865\u4e01\u94fe\u63a5\uff0c\u8bf7\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-02579",
"openTime": "2021-01-13",
"patchDescription": "JT2Go\u662f\u4e00\u4e2a3D JT\u67e5\u770b\u5de5\u5177\uff0c\u5141\u8bb8\u7528\u6237\u67e5\u770bJT\uff0cPDF\uff0cSolid Edge\uff0cPLM XML\u4e0e\u73b0\u6709\u7684JT\uff0cVFZ\u3001CGM\u3001TIF\u6570\u636e\u3002Teamcenter\u53ef\u89c6\u5316\u8f6f\u4ef6\u4f7f\u4f01\u4e1a\u80fd\u591f\u589e\u5f3a\u4ed6\u4eec\u7684\u4ea7\u54c1\u751f\u547d\u5468\u671f\u7ba1\u7406(PLM)\u73af\u5883\uff0c\u8be5\u8f6f\u4ef6\u4f7f\u4f01\u4e1a\u7528\u6237\u80fd\u591f\u5728\u5355\u4e00\u73af\u5883\u4e2d\u8bbf\u95ee\u6587\u6863\u30012D\u56fe\u7eb8\u548c3D\u6a21\u578b\u3002\r\n\r\nJT2Go and Teamcenter Visualization\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u5f53\u524d\u8fdb\u7a0b\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "JT2Go and Teamcenter Visualization\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"SIEMENS JT2Go \u003cV13.1.0",
"SIEMENS Teamcenter Visualization \u003cV13.1.0"
]
},
"referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf",
"serverity": "\u9ad8",
"submitTime": "2021-01-13",
"title": "JT2Go and Teamcenter Visualization\u5806\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
GHSA-2HQM-X8QP-68PH
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38
VLAI?
Details
A vulnerability has been identified in JT2Go (All Versions < V13.1.0), Teamcenter Visualization (All Versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.
{
"affected": [],
"aliases": [
"CVE-2020-26992"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-12T21:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in JT2Go (All Versions \u003c V13.1.0), Teamcenter Visualization (All Versions \u003c V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"id": "GHSA-2hqm-x8qp-68ph",
"modified": "2022-05-24T17:38:33Z",
"published": "2022-05-24T17:38:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26992"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…