A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf | Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2023-09-12T09:32:19.039Z
Updated: 2023-11-14T11:03:27.558Z
Reserved: 2023-07-12T13:18:53.823Z
Link: CVE-2023-38075
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T10:15:28.630
Modified: 2024-01-25T02:23:00.527
Link: CVE-2023-38075
JSON object: View
Redhat Information
No data.
CWE