Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv3

CVE-2021-44444

Published: 14/12/2021 Updated: 14/10/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Jt Open Toolkit

Vulnerability Summary

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15052)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens jt open toolkit

siemens jt utilities

ICS Advisories

Siemens JT Utilities and JT Open Toolkit

Exploits

Exploit DB: Microsoft Office MSDT Follina Proof Of Concept
Proof of concept for the remote code execution vulnerability in MSDT known as Follina ...

Github Repositories

https://github.com/JMousqueton/PoC-CVE-2022-30190

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina Info : New Microsoft Office zero-day used in attacks to execute PowerShell Summary On the 29th of May 2022, the Nao_Sec team, an independent Cyber Security Research Team, discovered a malicious Office document shared on Virustotal This document is using an unusual, but known scheme to infect its victims The scheme

https://github.com/JMousqueton/POC-CVE-MS-OFFICE-RCE

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina Info : New Microsoft Office zero-day used in attacks to execute PowerShell Summary On the 29th of May 2022, the Nao_Sec team, an independent Cyber Security Research Team, discovered a malicious Office document shared on Virustotal This document is using an unusual, but known scheme to infect its victims The scheme

https://github.com/JMousqueton/PoC-msdt-follina

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina Info : New Microsoft Office zero-day used in attacks to execute PowerShell Summary On the 29th of May 2022, the Nao_Sec team, an independent Cyber Security Research Team, discovered a malicious Office document shared on Virustotal This document is using an unusual, but known scheme to infect its victims The scheme

References

CWE-125CWE-125https://cert-portal.siemens.com/productcert/pdf/ssa-802578.pdfhttp://packetstormsecurity.com/files/167317/Microsoft-Office-MSDT-Follina-Proof-Of-Concept.htmlhttps://nvd.nist.govhttps://github.com/JMousqueton/PoC-CVE-2022-30190https://www.cisa.gov/uscert/ics/advisories/icsa-21-350-17
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook