CVE-2022-2069

CWE-122Heap-based Buffer OverflowCWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 79.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Siemens Jt2goSiemens Teamcenter Visualization V13.3Siemens Teamcenter Visualization V14.0+1 more
Timeline
PublishedOct 20

Description

The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

NVDsiemens/teamcenter_visualization13.3.013.3.0.5+1
CVEListV5siemens/teamcenter_visualization_v13.3unspecifiedV13.3.0.5
CVEListV5siemens/teamcenter_visualization_v14.0unspecifiedV14.0.0.2
CVEListV5siemens/jt2gounspecifiedV13.3.0.5
NVDsiemens/jt2go< 13.3.0.5

🔴Vulnerability Details

2
GHSA
GHSA-9jxj-86hx-x7rj: The APDFL2022-10-20
CVEList
Datalogics APDFL library Heap-based Buffer Overflow2022-10-20
CVE-2022-2069 (HIGH CVSS 7.8) | The APDFL.dll in Siemens JT2Go prio | cvebase.io