CVE-2023-51439

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 9, 2024
Updated: Jan 11, 2024
CWE ID 125

Summary

CVE-2023-51439 is a newly identified vulnerability affecting multiple versions of JT2Go and Teamcenter Visualization, including V13.3, V14.1, V14.2, and V14.3. These applications, when processing specially crafted CGM files, exhibit an out-of-bounds read issue. The memory beyond the allocated structure in these applications can be accessed and potentially exploited, allowing attackers to execute code in the context of the current process. It is essential to upgrade these applications to their latest versions, V14.3.0.6, V13.3.0.13, V14.1.0.12, V14.2.0.9, respectively, to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Siemens Teamcenter Visualization
  • Siemens JT2GO
  • Teamcenter

Affected Vendors

  • Siemens AG