Siemens Jt2Go vulnerabilities

CVE-2021-34325 [MEDIUM] CWE-126 CVE-2021-34325: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All v A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulne

CVE-2021-34322 [MEDIUM] CWE-126 CVE-2021-34322: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All v A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage t

CVE-2021-34302 [MEDIUM] CWE-126 CVE-2021-34302: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All v A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this

CVE-2021-34332 [MEDIUM] CWE-835 CVE-2021-34332: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All v A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in an infinite loop condition that leads to denial of service condition. An

CVE-2021-32936 [HIGH] CWE-787 CVE-2021-32936: An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All ve An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the c

CVE-2021-32948 [HIGH] CWE-787 CVE-2021-32948: An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versi An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the curr

CVE-2021-32944 [HIGH] CWE-416 CVE-2021-32944: A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions pr A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the curren

CVE-2021-32938 [HIGH] CWE-125 CVE-2021-32938: Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing o Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.

CVE-2021-32952 [HIGH] CWE-787 CVE-2021-32952: An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2 An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current

CVE-2021-32950 [HIGH] CWE-125 CVE-2021-32950: An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory loc

CVE-2021-32940 [HIGH] CWE-125 CVE-2021-32940: An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All ver An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory

CVE-2021-32946 [HIGH] CWE-754 CVE-2021-32946: An improper check for unusual or exceptional conditions issue exists within the parsing DGN files fr An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the con

CVE-2021-27390 [HIGH] CWE-787 CVE-2021-27390: A vulnerability has been identified in JT2Go (All versions < V13.1.0.3), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.3), Teamcenter Visualization (All versions < V13.1.0.3). The TIFF_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could l

CVE-2020-27001 [HIGH] CWE-121 CVE-2020-27001: A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of t

CVE-2020-27002 [HIGH] CWE-125 CVE-2020-27002: A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access dat

CVE-2020-27003 [HIGH] CWE-822 CVE-2020-27003: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing TIFF files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to exe

CVE-2020-26999 [HIGH] CWE-125 CVE-2020-26999: A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak infor

CVE-2020-27000 [HIGH] CWE-119 CVE-2020-27000: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the cu

CVE-2020-27006 [HIGH] CWE-119 CVE-2020-27006: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of PCT files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of t

CVE-2020-27005 [HIGH] CWE-787 CVE-2020-27005: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to