CVE-2022-41278
3.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Summary
A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | JT2Go | All versions < V14.1.0.6 | affected |
| Siemens | Teamcenter Visualization V13.2 | All versions < V13.2.0.12 | affected |
| Siemens | Teamcenter Visualization V13.3 | All versions < V13.3.0.8 | affected |
| Siemens | Teamcenter Visualization V14.0 | All versions < V14.0.0.4 | affected |
| Siemens | Teamcenter Visualization V14.1 | All versions < V14.1.0.6 | affected |
Weaknesses
- CWE-476: CWE-476: NULL Pointer Dereference
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.