Multiple vulnerabilities in Siemens JT2Go, Teamcenter Visualization and Solid Edge

1) Double Free

EUVDB-ID: #VU54886

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34333

CWE-ID: CWE-415 - Double Free

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the BMP_Loader.dll library when parsing BMP files. A remote attacker can pass specially crafted data to the application, trigger double free error and cause a denial of service condition on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Infinite loop

EUVDB-ID: #VU54887

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34332

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the BMP_Loader.dll library when parsing BMP files. A remote attacker can consume all available system resources and cause denial of service conditions.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU54891

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34324

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the Jt981.dll library when parsing JT files. A remote attacker can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-862/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds write

EUVDB-ID: #VU54888

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34331

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Jt981.dll library when parsing JT files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-869/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU54889

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34330

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the Jt981.dll library when parsing JT files. A remote attacker can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-868/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Heap-based buffer overflow

EUVDB-ID: #VU54885

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34329

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the plmxmlAdapterSE70.dll library when parsing PAR files. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

Solid Edge: before SE2021MP5

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://cert-portal.siemens.com/productcert/pdf/ssa-173615.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-867/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Heap-based buffer overflow

EUVDB-ID: #VU54884

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34328

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the plmxmlAdapterSE70.dll library when parsing PAR files. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

Solid Edge: before SE2021MP5

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://cert-portal.siemens.com/productcert/pdf/ssa-173615.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-866/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Heap-based buffer overflow

EUVDB-ID: #VU54883

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34327

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the plmxmlAdapterSE70.dll library when parsing ASM files. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

Solid Edge: before SE2021MP5

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://cert-portal.siemens.com/productcert/pdf/ssa-173615.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-865/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Heap-based buffer overflow

EUVDB-ID: #VU54882

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34326

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the plmxmlAdapterSE70.dll library when parsing PAR files. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

Solid Edge: before SE2021MP5

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://cert-portal.siemens.com/productcert/pdf/ssa-173615.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-864/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU54890

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34325

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Jt981.dll library when parsing JT files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-863/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds write

EUVDB-ID: #VU54892

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34323

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Jt981.dll library when parsing JT files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-861/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU54893

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34322

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the JPEG2K_Loader.dll library when parsing J2K files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-859/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU54894

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34321

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the VisDraw.dll library when parsing J2K files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-858/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Out-of-bounds read

EUVDB-ID: #VU54895

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34320

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Jt981.dll library when parsing JT files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-856/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds write

EUVDB-ID: #VU54896

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34319

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the BMP_loader.dll library when parsing SGI files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-855/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds write

EUVDB-ID: #VU54897

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34318

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the BMP_loader.dll library when parsing PCT files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-854/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Heap-based buffer overflow

EUVDB-ID: #VU54898

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34317

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the BMP_loader.dll library when parsing PCX files. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-853/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds write

EUVDB-ID: #VU54974

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34291

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Gif_loader.dll library when parsing GIF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-870/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU54973

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34292

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-871/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds write

EUVDB-ID: #VU54972

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34293

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Gif_loader.dll library when parsing GIF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-850/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds read

EUVDB-ID: #VU54971

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34294

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Gif_loader.dll library when parsing GIF files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-851/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Out-of-bounds write

EUVDB-ID: #VU54970

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34295

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Gif_loader.dll library when parsing GIF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-852/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds read

EUVDB-ID: #VU54969

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34296

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the BMP_Loader.dll library when parsing BMP files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-831/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Out-of-bounds write

EUVDB-ID: #VU54968

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34297

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the BMP_Loader.dll library when parsing BMP files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-832/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU54967

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34298

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the BMP_Loader.dll library when parsing BMP files. A remote attacker can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-872/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU54966

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34299

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-845/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Out-of-bounds write

EUVDB-ID: #VU54965

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34300

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-846/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free

EUVDB-ID: #VU54964

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34301

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the BMP_Loader.dll library when parsing BMP files. A remote attacker can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-873/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU54963

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34302

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the BMP_Loader.dll library when parsing BMP files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-847/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Out-of-bounds read

EUVDB-ID: #VU54962

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34303

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Tiff_Loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-848/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds read

EUVDB-ID: #VU54961

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34304

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Tiff_Loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-874/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds write

EUVDB-ID: #VU54960

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34305

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Gif_loader.dll library when parsing GIF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-834/
http://www.zerodayinitiative.com/advisories/ZDI-21-833/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU54959

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34306

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the BMP_Loader.dll library when parsing BMP files. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-835/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds read

EUVDB-ID: #VU54958

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34307

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the Tiff_Loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-836/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds read

EUVDB-ID: #VU54957

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34308

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the BMP_Loader.dll library when parsing BMP files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-837/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds write

EUVDB-ID: #VU54956

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34309

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-838/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Out-of-bounds write

EUVDB-ID: #VU54955

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34310

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-839/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Out-of-bounds write

EUVDB-ID: #VU54954

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34311

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the Mono_loader.dll library when parsing J2K files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-840/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Heap-based buffer overflow

EUVDB-ID: #VU54953

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34312

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-841/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Heap-based buffer overflow

EUVDB-ID: #VU54952

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34313

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the Tiff_loader.dll library when parsing TIFF files. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-842/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Out-of-bounds write

EUVDB-ID: #VU54951

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34314

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the BMP_loader.dll library when parsing SGI files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-843/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Out-of-bounds read

EUVDB-ID: #VU54950

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34315

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the BMP_loader.dll library when parsing SGI files. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-844/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Out-of-bounds write

EUVDB-ID: #VU54948

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34316

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the DL180CoolType.dll library when parsing PDF files. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Install updates from vendor's website.

JT2Go: before 13.2

Teamcenter Visualization: before 13.2

http://cert-portal.siemens.com/productcert/pdf/ssa-483182.pdf
http://www.zerodayinitiative.com/advisories/ZDI-21-849/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.