ID

VAR-202202-0028


CVE

CVE-2021-38405


TITLE

Siemens JT2Go PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Trust: 1.4

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337

DESCRIPTION

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process. Siemens' JT2Go and Teamcenter Visualization Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer

Trust: 3.6

sources: NVD: CVE-2021-38405 // JVNDB: JVNDB-2021-020743 // ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // VULMON: CVE-2021-38405

AFFECTED PRODUCTS

vendor:siemensmodel:jt2goscope: - version: -

Trust: 2.1

vendor:siemensmodel:teamcenter visualizationscope:eqversion:13.3.0

Trust: 1.0

vendor:siemensmodel:jt2goscope:ltversion:13.2.0.7

Trust: 1.0

vendor:siemensmodel:teamcenter visualizationscope:gteversion:13.2.0

Trust: 1.0

vendor:siemensmodel:teamcenter visualizationscope:ltversion:13.1.0.8

Trust: 1.0

vendor:siemensmodel:teamcenter visualizationscope:gteversion:13.1.0

Trust: 1.0

vendor:siemensmodel:teamcenter visualizationscope:ltversion:13.2.0.7

Trust: 1.0

vendor:シーメンスmodel:teamcenter visualizationscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:jt2goscope: - version: -

Trust: 0.8

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // JVNDB: JVNDB-2021-020743 // NVD: CVE-2021-38405

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-38405
value: HIGH

Trust: 1.8

ZDI: CVE-2021-38405
value: LOW

Trust: 1.4

ics-cert@hq.dhs.gov: CVE-2021-38405
value: HIGH

Trust: 1.0

ZDI: CVE-2021-38405
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202202-946
value: LOW

Trust: 0.6

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

ZDI: CVE-2021-38405
baseSeverity: LOW
baseScore: 3.3
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 1.4

NVD: CVE-2021-38405
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-38405
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // JVNDB: JVNDB-2021-020743 // CNNVD: CNNVD-202202-946 // NVD: CVE-2021-38405 // NVD: CVE-2021-38405

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-020743 // NVD: CVE-2021-38405

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202202-946

CONFIGURATIONS

sources: NVD: CVE-2021-38405

PATCH

title:Siemens has issued an update to correct this vulnerability.url:https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf

Trust: 2.1

title:Siemens Jt2go Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=182233

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=fefc850707fc7ccce29d30c42162ee31

Trust: 0.1

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // VULMON: CVE-2021-38405 // CNNVD: CNNVD-202202-946

EXTERNAL IDS

db:NVDid:CVE-2021-38405

Trust: 5.4

db:ICS CERTid:ICSA-22-041-07

Trust: 2.5

db:SIEMENSid:SSA-301589

Trust: 1.9

db:ZDIid:ZDI-22-339

Trust: 1.3

db:ZDIid:ZDI-22-336

Trust: 0.8

db:JVNid:JVNVU98748974

Trust: 0.8

db:JVNDBid:JVNDB-2021-020743

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-15113

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-15108

Trust: 0.7

db:ZDIid:ZDI-22-337

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-15106

Trust: 0.7

db:CS-HELPid:SB2022021109

Trust: 0.6

db:CNNVDid:CNNVD-202202-946

Trust: 0.6

db:VULMONid:CVE-2021-38405

Trust: 0.1

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // VULMON: CVE-2021-38405 // JVNDB: JVNDB-2021-020743 // CNNVD: CNNVD-202202-946 // NVD: CVE-2021-38405

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-301589.pdf

Trust: 4.0

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-07

Trust: 1.9

url:https://jvn.jp/vu/jvnvu98748974/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-38405

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-22-339/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021109

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-041-07-1

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-041-07-0

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.zerodayinitiative.com/advisories/zdi-22-336/

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-041-07

Trust: 0.1

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // VULMON: CVE-2021-38405 // JVNDB: JVNDB-2021-020743 // CNNVD: CNNVD-202202-946 // NVD: CVE-2021-38405

CREDITS

Mat Powell of Trend Micro Zero Day Initiative

Trust: 2.7

sources: ZDI: ZDI-22-339 // ZDI: ZDI-22-337 // ZDI: ZDI-22-336 // CNNVD: CNNVD-202202-946

SOURCES

db:ZDIid:ZDI-22-339
db:ZDIid:ZDI-22-337
db:ZDIid:ZDI-22-336
db:VULMONid:CVE-2021-38405
db:JVNDBid:JVNDB-2021-020743
db:CNNVDid:CNNVD-202202-946
db:NVDid:CVE-2021-38405

LAST UPDATE DATE

2024-01-18T19:33:14.808000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-339date:2022-02-15T00:00:00
db:ZDIid:ZDI-22-337date:2022-02-15T00:00:00
db:ZDIid:ZDI-22-336date:2022-02-15T00:00:00
db:VULMONid:CVE-2021-38405date:2023-11-21T00:00:00
db:JVNDBid:JVNDB-2021-020743date:2024-01-11T06:17:00
db:CNNVDid:CNNVD-202202-946date:2022-02-16T00:00:00
db:NVDid:CVE-2021-38405date:2023-11-30T05:39:30.360

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-339date:2022-02-15T00:00:00
db:ZDIid:ZDI-22-337date:2022-02-15T00:00:00
db:ZDIid:ZDI-22-336date:2022-02-15T00:00:00
db:VULMONid:CVE-2021-38405date:2023-11-21T00:00:00
db:JVNDBid:JVNDB-2021-020743date:2024-01-11T00:00:00
db:CNNVDid:CNNVD-202202-946date:2022-02-10T00:00:00
db:NVDid:CVE-2021-38405date:2023-11-21T19:15:07.647