Search

Find a vulnerability

Search criteria

    56 vulnerabilities found for Teamcenter Visualization V13.2 by Siemens

    CVE-2023-38683 (GCVE-0-2023-38683)

    Vulnerability from nvd – Published: 2023-08-08 09:20 – Updated: 2024-10-11 13:16
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:46:56.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38683",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T13:15:58.316782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T13:16:08.622Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.14"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.14), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.10), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T09:20:48.395Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-38683",
        "datePublished": "2023-08-08T09:20:48.395Z",
        "dateReserved": "2023-07-24T13:55:32.997Z",
        "dateUpdated": "2024-10-11T13:16:08.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38682 (GCVE-0-2023-38682)

    Vulnerability from nvd – Published: 2023-08-08 09:20 – Updated: 2024-10-11 13:17
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:46:56.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38682",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T13:17:15.547740Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T13:17:25.296Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.14"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.14), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.10), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T09:20:47.299Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-38682",
        "datePublished": "2023-08-08T09:20:47.299Z",
        "dateReserved": "2023-07-24T13:55:32.996Z",
        "dateUpdated": "2024-10-11T13:17:25.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-28830 (GCVE-0-2023-28830)

    Vulnerability from nvd – Published: 2023-08-08 09:20 – Updated: 2024-10-23 19:49
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions < V13.3.0.11), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T13:51:38.123Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-28830",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T19:48:40.205775Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T19:49:54.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Solid Edge SE2022",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V222.0 Update 13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Solid Edge SE2023",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V223.0 Update 4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.15"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.11"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.11"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Solid Edge SE2022 (All versions \u003c V222.0 Update 13), Solid Edge SE2023 (All versions \u003c V223.0 Update 4), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.15), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.11), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T09:20:17.760Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-28830",
        "datePublished": "2023-08-08T09:20:17.760Z",
        "dateReserved": "2023-03-24T15:17:33.934Z",
        "dateUpdated": "2024-10-23T19:49:54.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33124 (GCVE-0-2023-33124)

    Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:37
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:35.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33124",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:36:55.445166Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:37:31.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:17.687Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33124",
        "datePublished": "2023-06-13T08:17:17.687Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:37:31.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33123 (GCVE-0-2023-33123)

    Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:38
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:35.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33123",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:37:56.343806Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:38:42.204Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:16.585Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33123",
        "datePublished": "2023-06-13T08:17:16.585Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:38:42.204Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33122 (GCVE-0-2023-33122)

    Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:40
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:34.343Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33122",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:40:14.247239Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:40:43.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:15.483Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33122",
        "datePublished": "2023-06-13T08:17:15.483Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:40:43.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33121 (GCVE-0-2023-33121)

    Vulnerability from nvd – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:42
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:35.930Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33121",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:41:54.698537Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:42:09.311Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:14.419Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33121",
        "datePublished": "2023-06-13T08:17:14.419Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:42:09.311Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-45484 (GCVE-0-2022-45484)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:43
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.9), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.5), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CCITT_G4Decode.dll contains an out of bounds read vulnerability when parsing a RAS file. An attacker can leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19056)
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:17:03.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-45484",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:14:51.039869Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:43:31.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.9), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.5), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CCITT_G4Decode.dll contains an out of bounds read vulnerability when parsing a RAS file. An attacker can leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19056)"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:52.706Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-45484",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-11-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:43:31.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41288 (GCVE-0-2022-41288)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains stack exhaustion vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:46.202Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:14:58.459752Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:05.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains stack exhaustion vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:48.369Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41288",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:05.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41287 (GCVE-0-2022-41287)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2024-08-03 12:42
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-369",
                  "description": "CWE-369: Divide By Zero",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:47.392Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41287",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2024-08-03T12:42:44.640Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41286 (GCVE-0-2022-41286)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:45.461Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41286",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:30.949055Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:15.855Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:46.397Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41286",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:15.855Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41285 (GCVE-0-2022-41285)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.047Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41285",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:34.840981Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:23.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:45.408Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41285",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:23.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41284 (GCVE-0-2022-41284)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:38.411763Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:31.841Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:44.392Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41284",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:31.841Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41283 (GCVE-0-2022-41283)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.879Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:42.662672Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:43.158Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:43.378Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41283",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:43.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41282 (GCVE-0-2022-41282)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.917Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:50.678569Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:50.227Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:42.354Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41282",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:50.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41281 (GCVE-0-2022-41281)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.072Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41281",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:55.470757Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:58.713Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:41.331Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41281",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:58.713Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41280 (GCVE-0-2022-41280)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:45
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.071Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41280",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:15:02.642801Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:45:08.185Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:40.259Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41280",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:45:08.185Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41279 (GCVE-0-2022-41279)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:45
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.073Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41279",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:15:06.512625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:45:15.469Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:39.221Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41279",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:45:15.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41278 (GCVE-0-2022-41278)

    Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2024-08-03 12:42
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:45.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:38.189Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41278",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2024-08-03T12:42:45.639Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38683 (GCVE-0-2023-38683)

    Vulnerability from cvelistv5 – Published: 2023-08-08 09:20 – Updated: 2024-10-11 13:16
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:46:56.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38683",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T13:15:58.316782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T13:16:08.622Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.14"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.14), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.10), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T09:20:48.395Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-38683",
        "datePublished": "2023-08-08T09:20:48.395Z",
        "dateReserved": "2023-07-24T13:55:32.997Z",
        "dateUpdated": "2024-10-11T13:16:08.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-38682 (GCVE-0-2023-38682)

    Vulnerability from cvelistv5 – Published: 2023-08-08 09:20 – Updated: 2024-10-11 13:17
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:46:56.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-38682",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T13:17:15.547740Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T13:17:25.296Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.14"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.14), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.10), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T09:20:47.299Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-38682",
        "datePublished": "2023-08-08T09:20:47.299Z",
        "dateReserved": "2023-07-24T13:55:32.996Z",
        "dateUpdated": "2024-10-11T13:17:25.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-28830 (GCVE-0-2023-28830)

    Vulnerability from cvelistv5 – Published: 2023-08-08 09:20 – Updated: 2024-10-23 19:49
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions < V13.3.0.11), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T13:51:38.123Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-28830",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T19:48:40.205775Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-23T19:49:54.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Solid Edge SE2022",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V222.0 Update 13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Solid Edge SE2023",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V223.0 Update 4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.15"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.11"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.11"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.5), Solid Edge SE2022 (All versions \u003c V222.0 Update 13), Solid Edge SE2023 (All versions \u003c V223.0 Update 4), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.15), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.11), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.11), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-08T09:20:17.760Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-28830",
        "datePublished": "2023-08-08T09:20:17.760Z",
        "dateReserved": "2023-03-24T15:17:33.934Z",
        "dateUpdated": "2024-10-23T19:49:54.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33124 (GCVE-0-2023-33124)

    Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:37
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:35.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33124",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:36:55.445166Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:37:31.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:17.687Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33124",
        "datePublished": "2023-06-13T08:17:17.687Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:37:31.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33123 (GCVE-0-2023-33123)

    Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:38
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:35.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33123",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:37:56.343806Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:38:42.204Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:16.585Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33123",
        "datePublished": "2023-06-13T08:17:16.585Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:38:42.204Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33122 (GCVE-0-2023-33122)

    Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:40
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:34.343Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33122",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:40:14.247239Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:40:43.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:15.483Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33122",
        "datePublished": "2023-06-13T08:17:15.483Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:40:43.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-33121 (GCVE-0-2023-33121)

    Vulnerability from cvelistv5 – Published: 2023-06-13 08:17 – Updated: 2025-01-03 01:42
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T15:39:35.930Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-33121",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:41:54.698537Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T01:42:09.311Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.13"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.10"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.2.0.3), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.13), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.10), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.6), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.8), Teamcenter Visualization V14.2 (All versions \u003c V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T08:17:14.419Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2023-33121",
        "datePublished": "2023-06-13T08:17:14.419Z",
        "dateReserved": "2023-05-17T13:17:47.573Z",
        "dateUpdated": "2025-01-03T01:42:09.311Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41282 (GCVE-0-2022-41282)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.917Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:50.678569Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:50.227Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds read vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:42.354Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41282",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:50.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41283 (GCVE-0-2022-41283)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.879Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:21:42.662672Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:43.158Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:43.378Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41283",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:43.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41288 (GCVE-0-2022-41288)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:44
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains stack exhaustion vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:46.202Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:14:58.459752Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:44:05.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains stack exhaustion vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:48.369Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41288",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:44:05.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41279 (GCVE-0-2022-41279)

    Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-04-21 13:45
    VLAI
    Summary
    A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:44.073Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-41279",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T15:15:06.512625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:45:15.469Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "JT2Go",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.2",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.2.0.12"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V13.3",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V13.3.0.8"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.0",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.0.0.4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Teamcenter Visualization V14.1",
              "vendor": "Siemens",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions \u003c V14.1.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in JT2Go (All versions \u003c V14.1.0.6), Teamcenter Visualization V13.2 (All versions \u003c V13.2.0.12), Teamcenter Visualization V13.3 (All versions \u003c V13.3.0.8), Teamcenter Visualization V14.0 (All versions \u003c V14.0.0.4), Teamcenter Visualization V14.1 (All versions \u003c V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-11T09:02:39.221Z",
            "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            "shortName": "siemens"
          },
          "references": [
            {
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "assignerShortName": "siemens",
        "cveId": "CVE-2022-41279",
        "datePublished": "2022-12-13T00:00:00.000Z",
        "dateReserved": "2022-09-21T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:45:15.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }