CVE-2021-44447
published 2021-12-14CVE-2021-44447: A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains a…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14911)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | jt_open_toolkit | < 11.0.3.0 | 11.0.3.0 |
| siemens | jt_utilities | < 13.0.3.0 | 13.0.3.0 |
| siemens | jt_utilities | — | — |
| siemens | jttk | — | — |