A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf | Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2023-09-12T09:32:15.739Z
Updated: 2023-11-14T11:03:23.586Z
Reserved: 2023-07-12T13:18:53.822Z
Link: CVE-2023-38072
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T10:15:27.863
Modified: 2024-02-16T15:08:06.607
Link: CVE-2023-38072
JSON object: View
Redhat Information
No data.
CWE