Vulnerabilities > CVE-2020-27006 - Out-of-bounds Write vulnerability in Siemens Jt2Go and Teamcenter Visualization

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

siemens

CWE-787

NVD

Published: 2021-02-09

Updated: 2021-10-18

Summary

A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing of PCT files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12182)

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Jt2Go - Siemens Jt2Go 13.1.0 Siemens Teamcenter Visualization - Siemens Teamcenter Visualization 8.0.9085 Siemens Teamcenter Visualization 12.4.0 Siemens Teamcenter Visualization 13.0.0 Siemens Teamcenter Visualization 13.1.0	7

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References