← Back

CVE-2022-41284

nvd nist
Published: Dec 13, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD (Secondary)

Description

A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.

Affected (5)

Siemens
2 products
Jt2go
Teamcenter Visualization
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Jt2go
All versions
Siemens
Teamcenter Visualization
From 13.2.0 to 13.2.0.12
Teamcenter Visualization
From 13.3.0 to 13.3.0.8
Teamcenter Visualization
From 14.0 to 14.0.0.4
Teamcenter Visualization
From 14.1 to 14.1.0.6

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (2)

Source: productcert@siemens.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.