Filtered by vendor Siemens
Subscribe
Search
Total
1276 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8214 | 1 Siemens | 8 Simatic Cp 343-1, Simatic Cp 343-1 Firmware, Simatic Cp 443-1 and 5 more | 2021-04-22 | 9.7 HIGH | N/A |
| A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs' configuration was stored on their corresponding CPUs. | |||||
| CVE-2020-7586 | 1 Siemens | 4 Simatic Pcs 7, Simatic Process Device Manager, Simatic Step 7 and 1 more | 2021-04-22 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. | |||||
| CVE-2021-25676 | 1 Siemens | 8 Ruggedcom Rm1224, Ruggedcom Rm1224 Firmware, Scalance M-800 and 5 more | 2021-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically. | |||||
| CVE-2017-11175 | 1 Siemens | 1 Fin Stack | 2021-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login. | |||||
| CVE-2015-7855 | 4 Debian, Netapp, Ntp and 1 more | 11 Debian Linux, Clustered Data Ontap, Data Ontap and 8 more | 2021-04-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value. | |||||
| CVE-2015-5219 | 10 Canonical, Debian, Fedoraproject and 7 more | 20 Ubuntu Linux, Debian Linux, Fedora and 17 more | 2021-04-19 | 5.0 MEDIUM | 7.5 HIGH |
| The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | |||||
| CVE-2020-28395 | 1 Siemens | 16 Scalance Xr324-12m, Scalance Xr324-12m Firmware, Scalance Xr324-12m Ts and 13 more | 2021-03-26 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic. | |||||
| CVE-2020-27632 | 1 Siemens | 4 Simatic Mv420, Simatic Mv420 Firmware, Simatic Mv440 and 1 more | 2021-03-25 | 5.0 MEDIUM | 7.5 HIGH |
| In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. | |||||
| CVE-2021-22651 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extraction of temporary files, suffering from a directory traversal vulnerability, which allows an attacker to store arbitrary scripts into automatic startup folders. | |||||
| CVE-2021-22649 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22645 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning. | |||||
| CVE-2021-22647 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-22643 | 2 Luxion, Siemens | 8 Keyshot, Keyshot Network Rendering, Keyshot Viewer and 5 more | 2021-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2020-25240 | 1 Siemens | 1 Sinema Remote Connect Server | 2021-03-18 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). Unpriviledged users can access services when guessing the url. An attacker could impact availability, integrity and gain information from logs and templates of the service. | |||||
| CVE-2020-25241 | 1 Siemens | 14 Simatic Mv420 Sr-b, Simatic Mv420 Sr-b Body, Simatic Mv420 Sr-b Body Firmware and 11 more | 2021-03-18 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. | |||||
| CVE-2020-28387 | 1 Siemens | 1 Solid Edge | 2021-03-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). When opening a specially crafted SEECTCXML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11923) | |||||
| CVE-2020-25239 | 1 Siemens | 1 Sinema Remote Connect Server | 2021-03-18 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights. | |||||
| CVE-2021-25673 | 1 Siemens | 1 Simatic S7-plcsim | 2021-03-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, the application could enter an infinite loop, become unresponsive and must be restarted to restore the service. | |||||
| CVE-2021-27381 | 1 Siemens | 1 Solid Edge | 2021-03-18 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12534) | |||||
| CVE-2021-25674 | 1 Siemens | 1 Simatic S7-plcsim | 2021-03-18 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a NULL pointer deference condition could cause the application to terminate unexpectedly and must be restarted to restore the service. | |||||
| CVE-2021-25675 | 1 Siemens | 1 Simatic S7-plcsim | 2021-03-18 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a divide by zero operation could occur and cause the application to terminate unexpectedly and must be restarted to restore the service. | |||||
| CVE-2021-25173 | 2 Opendesign, Siemens | 3 Drawings Software Development Kit, Jt2go, Teamcenter Visualization | 2021-03-16 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart). | |||||
| CVE-2019-10925 | 1 Siemens | 4 Simatic Mv420, Simatic Mv420 Firmware, Simatic Mv440 and 1 more | 2021-03-15 | 5.5 MEDIUM | 7.1 HIGH |
| A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2019-6570 | 1 Siemens | 1 Sinema Remote Connect Server | 2021-03-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability. | |||||
| CVE-2019-10926 | 1 Siemens | 4 Simatic Mv420, Simatic Mv420 Firmware, Simatic Mv440 and 1 more | 2021-03-15 | 2.6 LOW | 5.3 MEDIUM |
| A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted. | |||||
| CVE-2020-25237 | 1 Siemens | 2 Sinec Network Management System, Sinema Server | 2021-03-10 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054) | |||||
| CVE-2020-27004 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12163) | |||||
| CVE-2020-27008 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-09 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of PLT files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12209) | |||||
| CVE-2020-26995 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-05 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of SGI and RGB files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11992) | |||||
| CVE-2020-27003 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-05 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing TIFF files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12158) | |||||
| CVE-2020-27005 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-05 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of TGA files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12178) | |||||
| CVE-2020-27007 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of HPG files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12207) | |||||
| CVE-2020-28394 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-03-05 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of RAS files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12283) | |||||
| CVE-2020-7574 | 1 Siemens | 4 Climatix Pol908, Climatix Pol908 Firmware, Climatix Pol909 and 1 more | 2021-03-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the "Server Config" web interface of the affected devices that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise the confidentiality and integrity of other users' web session. | |||||
| CVE-2020-7575 | 1 Siemens | 4 Climatix Pol908, Climatix Pol908 Firmware, Climatix Pol909 and 1 more | 2021-03-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the web server access log page of the affected devices that could allow an attacker to inject arbitrary JavaScript code via specially crafted GET requests. The code could be potentially executed later by another (privileged) user. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise the confidentiality and integrity of other users' web sessions. | |||||
| CVE-2021-25176 | 2 Opendesign, Siemens | 3 Drawings Software Development Kit, Jt2go, Teamcenter Visualization | 2021-03-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | |||||
| CVE-2021-25174 | 2 Opendesign, Siemens | 3 Drawings Software Development Kit, Jt2go, Teamcenter Visualization | 2021-03-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart). | |||||
| CVE-2021-25175 | 2 Opendesign, Siemens | 3 Drawings Software Development Kit, Jt2go, Teamcenter Visualization | 2021-03-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | |||||
| CVE-2021-25178 | 2 Opendesign, Siemens | 3 Drawings Software Development Kit, Jt2go, Teamcenter Visualization | 2021-03-04 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution. | |||||
| CVE-2021-25177 | 2 Opendesign, Siemens | 3 Drawings Software Development Kit, Jt2go, Teamcenter Visualization | 2021-03-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | |||||
| CVE-2020-25245 | 1 Siemens | 1 Digsi 4 | 2021-02-25 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1). Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM. | |||||
| CVE-2020-26981 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890) | |||||
| CVE-2020-26982 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-23 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CG4 and CGM files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11898) | |||||
| CVE-2020-26992 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-23 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-26993 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-22 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer in the font index handling function. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-26994 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of PCX files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2020-26983 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11900) | |||||
| CVE-2020-26996 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of CG4 files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12027) | |||||
| CVE-2020-26984 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of JT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11972) | |||||
| CVE-2020-26985 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2021-02-22 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11986, ZDI-CAN-11994) | |||||