Vulnerabilities > CVE-2020-27001 - Stack-based Buffer Overflow vulnerability in Siemens Jt2Go and Teamcenter Visualization

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

siemens

CWE-121

NVD

Published: 2021-02-09

Updated: 2022-04-29

Summary

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12041)

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Jt2Go - Siemens Jt2Go 13.1.0 Siemens Jt2Go 13.1.0.1 Siemens Teamcenter Visualization - Siemens Teamcenter Visualization 8.0.9085 Siemens Teamcenter Visualization 12.4.0 Siemens Teamcenter Visualization 13.0.0 Siemens Teamcenter Visualization 13.1.0 Siemens Teamcenter Visualization 13.1.0.1	9

Common Weakness Enumeration (CWE)

CWE-121 - Stack-based Buffer Overflow

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References