Vulnerabilities > CVE-2021-33714 - NULL Pointer Dereference vulnerability in Siemens JT Utilities

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

siemens

CWE-476

NVD

Published: 2021-07-13

Updated: 2021-07-20

Summary

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens JT Utilities -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://cert-portal.siemens.com/productcert/pdf/ssa-209268.pdf