A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf | Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2023-09-12T09:32:17.948Z
Updated: 2023-11-14T11:03:26.239Z
Reserved: 2023-07-12T13:18:53.822Z
Link: CVE-2023-38074
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T10:15:28.367
Modified: 2024-01-25T02:21:12.227
Link: CVE-2023-38074
JSON object: View
Redhat Information
No data.
CWE