CVE-2021-44014
published 2021-12-14CVE-2021-44014: A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15057, ZDI-CAN-19081)
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | jt2go | < 13.2.0.5 | 13.2.0.5 |
| siemens | jt_open | — | — |
| siemens | jt_open_toolkit | < 11.1.1.0 | 11.1.1.0 |
| siemens | jt_utilities | < 13.1.1.0 | 13.1.1.0 |
| siemens | jt_utilities | — | — |
| siemens | solid_edge | < se2023 | se2023 |
| siemens | solid_edge | — | — |
| siemens | teamcenter_visualization | < 13.2.0.5 | 13.2.0.5 |