A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14830)
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf | Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf - Vendor Advisory |
Information
Published : 2021-12-14 12:15
Updated : 2024-11-21 06:31
NVD link : CVE-2021-44449
Mitre link : CVE-2021-44449
CVE.ORG link : CVE-2021-44449
JSON object : View
Products Affected
siemens
- jt_utilities
- jt_open_toolkit
CWE
CWE-787
Out-of-bounds Write