CVE-2021-33715NULL Pointer Dereference in Siemens JT Utilities

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 83.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Siemens JT Utilities
Timeline
PublishedJul 13
Latest updateMay 24

Description

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDsiemens/jt_utilities< 13.0.2.0
CVEListV5siemens/jt_utilitiesAll versions < V13.0.2.0

🔴Vulnerability Details

2
GHSA
GHSA-3xx5-g4fv-w39v: A vulnerability has been identified in JT Utilities (All versions < V132022-05-24
CVEList
CVE-2021-33715: A vulnerability has been identified in JT Utilities (All versions < V132021-07-13
CVE-2021-33715 — NULL Pointer Dereference in Siemens | cvebase