github - ghsa-pq78-qmg4-p42h

GHSA-PQ78-QMG4-P42H

Vulnerability from github – Published: 2023-11-21 21:30 – Updated: 2023-11-30 06:33

Details

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-38405"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-21T19:15:07Z",
    "severity": "HIGH"
  },
  "details": "The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition\u00a0while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code\u00a0in the context of the current process.",
  "id": "GHSA-pq78-qmg4-p42h",
  "modified": "2023-11-30T06:33:22Z",
  "published": "2023-11-21T21:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38405"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2021-38405 (GCVE-0-2021-38405)

Vulnerability from cvelistv5 – Published: 2023-11-21 18:19 – Updated: 2024-08-04 01:37

Summary

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-119

Assigner

icscert

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://www.cisa.gov/news-events/ics-advisories/i…

Impacted products

Vendor

Product

Version

Siemens

JT2Go

Affected: 0 , < 13.2.0.7 (custom)

Siemens

Teamcenter Visualization

Affected: 12.4 , < 12.4.0.13 (custom)
Affected: 13.1 , < 13.1.0.8 (custom)
Affected: 13.2 , < 13.2.0.7 (custom)
Affected: 13.3 , < 13.3.0.1 (custom)

Credits

Mat Powell of Trend Micro’s Zero Day Initiative reported these vulnerabilities to Siemens and CISA.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:37:16.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "JT2Go",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "13.2.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Teamcenter Visualization",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "12.4.0.13",
              "status": "affected",
              "version": "12.4",
              "versionType": "custom"
            },
            {
              "lessThan": "13.1.0.8",
              "status": "affected",
              "version": "13.1",
              "versionType": "custom"
            },
            {
              "lessThan": "13.2.0.7",
              "status": "affected",
              "version": "13.2",
              "versionType": "custom"
            },
            {
              "lessThan": "13.3.0.1",
              "status": "affected",
              "version": "13.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Mat Powell of Trend Micro\u2019s Zero Day Initiative reported these vulnerabilities to Siemens and CISA."
        }
      ],
      "datePublic": "2022-06-16T16:46:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition\u0026nbsp;while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code\u0026nbsp;in the context of the current process."
            }
          ],
          "value": "The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition\u00a0while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code\u00a0in the context of the current process."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-21T18:19:10.557Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf"
        },
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\u003cp\u003eSiemens has released updates for some of the affected products and \nrecommends updating to the latest versions. Siemens is preparing further\n updates and recommends specific countermeasures for products where \nupdates are not yet available.\u003c/p\u003e\n\u003cul\u003e\u003cli\u003eJT2Go: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html\"\u003eUpdate to v13.2.0.7\u003c/a\u003e\u0026nbsp;or later version\u003c/li\u003e\u003cli\u003eTeamcenter Visualization v13.1: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to v13.1.0.9 or later version\u003c/a\u003e\u003c/li\u003e\u003cli\u003eTeamcenter Visualization v13.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to v13.2.0.7 or later version\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eTeamcenter Visualization v13.3: \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to v13.3.0.1 or later version\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ePlease see Siemens security advisory \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf\"\u003eSSA-301589\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003efor more information.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Siemens has released updates for some of the affected products and \nrecommends updating to the latest versions. Siemens is preparing further\n updates and recommends specific countermeasures for products where \nupdates are not yet available.\n\n\n  *  JT2Go:  Update to v13.2.0.7 https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html \u00a0or later version\n  *  Teamcenter Visualization v13.1:  Update to v13.1.0.9 or later version https://support.sw.siemens.com/ \n  *  Teamcenter Visualization v13.2:  Update to v13.2.0.7 or later version https://support.sw.siemens.com/ \n  *  Teamcenter Visualization v13.3:  Update to v13.3.0.1 or later version https://support.sw.siemens.com/ \n\n\n\nPlease see Siemens security advisory  SSA-301589 https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf \u00a0for more information."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Siemens Solid Edge, JT2Go, and Teamcenter Visualization Improper Restriction of Operations within the Bounds of a Memory Buffer",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eSiemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:\u003c/p\u003e\n\u003cul\u003e\u003cli\u003eAvoid opening untrusted files from unknown sources in affected products.\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eAs a general security measure, Siemens strongly recommends \nprotecting network access to devices with appropriate mechanisms. In \norder to operate the devices in a protected IT environment, Siemens \nrecommends configuring the environment according to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf\"\u003eSiemens\u2019 operational guidelines for industrial security\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, and to follow the recommendations in the product manuals.\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003eAdditional information on industrial security by Siemens can be found on the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.siemens.com/industrialsecurity\"\u003eSiemens industrial security webpage\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003ePlease see Siemens security advisory \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf\"\u003eSSA-301589\u003c/a\u003e\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003efor more information.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:\n\n\n  *  Avoid opening untrusted files from unknown sources in affected products.\n\n\n\nAs a general security measure, Siemens strongly recommends \nprotecting network access to devices with appropriate mechanisms. In \norder to operate the devices in a protected IT environment, Siemens \nrecommends configuring the environment according to  Siemens\u2019 operational guidelines for industrial security https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf , and to follow the recommendations in the product manuals.\n\n\nAdditional information on industrial security by Siemens can be found on the  Siemens industrial security webpage https://www.siemens.com/industrialsecurity .\n\n\nPlease see Siemens security advisory  SSA-301589 https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf \u00a0for more information."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-38405",
    "datePublished": "2023-11-21T18:19:10.557Z",
    "dateReserved": "2021-08-10T19:21:41.085Z",
    "dateUpdated": "2024-08-04T01:37:16.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-PQ78-QMG4-P42H

CVE-2021-38405 (GCVE-0-2021-38405)

Tags

Sightings

Nomenclature