ID
VAR-202401-0190
CVE
CVE-2023-51745
TITLE
Siemens' JT2Go and Teamcenter Visualization Stack-based buffer overflow vulnerability in
Trust: 0.8
DESCRIPTION
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. Siemens' JT2Go and Teamcenter Visualization Exists in a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.62
AFFECTED PRODUCTS
| vendor: | siemens | model: | teamcenter visualization | scope: | gte | version: | 14.2 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | gte | version: | 13.3.0 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | lt | version: | 14.3.0.6 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | gte | version: | 14.1 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | lt | version: | 14.2.0.9 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | gte | version: | 14.3 | Trust: 1.0 |
| vendor: | siemens | model: | jt2go | scope: | lt | version: | 14.3.0.6 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | lt | version: | 14.1.0.12 | Trust: 1.0 |
| vendor: | siemens | model: | teamcenter visualization | scope: | lt | version: | 13.3.0.13 | Trust: 1.0 |
| vendor: | シーメンス | model: | teamcenter visualization | scope: | - | version: | - | Trust: 0.8 |
| vendor: | シーメンス | model: | jt2go | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-121 | Trust: 1.0 |
| problemtype: | Stack-based buffer overflow (CWE-121) [ others ] | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2023-51745 | Trust: 2.6 |
| db: | SIEMENS | id: | SSA-794653 | Trust: 1.8 |
| db: | ICS CERT | id: | ICSA-24-011-06 | Trust: 0.8 |
| db: | JVN | id: | JVNVU92179258 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2023-024620 | Trust: 0.8 |
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf | Trust: 1.8 |
| url: | https://jvn.jp/vu/jvnvu92179258/ | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2023-51745 | Trust: 0.8 |
| url: | https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-06 | Trust: 0.8 |
SOURCES
| db: | JVNDB | id: | JVNDB-2023-024620 |
| db: | NVD | id: | CVE-2023-51745 |
LAST UPDATE DATE
2024-02-02T22:35:07.666000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2023-024620 | date: | 2024-02-01T02:55:00 |
| db: | NVD | id: | CVE-2023-51745 | date: | 2024-01-11T20:39:21.337 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2023-024620 | date: | 2024-02-01T00:00:00 |
| db: | NVD | id: | CVE-2023-51745 | date: | 2024-01-09T10:15:21.947 |