The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf | Vendor Advisory |
https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
History
30 Nov 2023, 05:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Siemens teamcenter Visualization
Siemens Siemens jt2go |
|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07 - Third Party Advisory, US Government Resource | |
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf - Vendor Advisory | |
CPE | cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:teamcenter_visualization:13.3.0:*:*:*:*:*:*:* cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:* |
|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
21 Nov 2023, 20:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-21 19:15
Updated : 2024-02-28 20:54
NVD link : CVE-2021-38405
Mitre link : CVE-2021-38405
CVE.ORG link : CVE-2021-38405
JSON object : View
Products Affected
siemens
- jt2go
- teamcenter_visualization