cbcvebase.
CVE-2022-41663
published 2022-11-08

CVE-2022-41663: A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Affected

9 ranges
VendorProductVersion rangeFixed in
siemensjt2go< 14.1.0.414.1.0.4
siemensjt2go
siemensteamcenter_visualization>= 13.3.0 < 13.3.0.713.3.0.7
siemensteamcenter_visualization>= 14.0 < 14.0.0.314.0.0.3
siemensteamcenter_visualization>= 14.1 < 14.1.0.414.1.0.4
siemensteamcenter_visualization_v13.2
siemensteamcenter_visualization_v13.3
siemensteamcenter_visualization_v14.0
siemensteamcenter_visualization_v14.1