Published: 09/02/2022 Updated: 14/06/2022

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PAR files. This could allow an malicious user to execute code in the context of the current process. (ZDI-CAN-15053)

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens solid edge se2021
siemens teamcenter visualization
siemens teamcenter visualization 13.1.0
siemens solid edge se2022
siemens jt2go

Critical Infrastructure Sectors: Critical Manufacturing

CWE-787 https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf https://www.zerodayinitiative.com/advisories/ZDI-22-335/https://nvd.nist.gov https://www.cisa.gov/uscert/ics/advisories/icsa-22-041-07-0 https://www.zerodayinitiative.com/advisories/ZDI-22-335/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-44000

Vulnerability Summary

Vulnerability Trend

ICS Advisories

References

Vulmon Search

About

Products

Connect