In one issue, JTTK library in affected products is vulnerable to an out-of-bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44430 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In addition, JTTK library is vulnerable to an out-of-bounds read past the end of an allocated buffer when parsing specially crafted JT files. This could allow an attacker to leak information in the context of the current process.

CVE-2021-44431 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 3.3.

Also, JTTK library is vulnerable to a stack-based buffer overflow while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44432 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In another issue, JTTK library contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44433 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In addition, JTTK library is vulnerable to an out-of-bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44434 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

Also, JTTK library is vulnerable to a stack-based buffer overflow while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44435 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In another issue, JTTK library is vulnerable to an out-of-bounds read past the end of an allocated buffer when parsing specially crafted JT files. This could allow an attacker to leak information in the context of the current process.

CVE-2021-44436 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In addition, JTTK library is vulnerable to an out-of-bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44437 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

Also, JTTK library is vulnerable to an out-of-bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44438 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In another issue, JTTK library in affected products is vulnerable to an out-of-bounds read past the end of an allocated buffer when parsing specially crafted JT files. This could allow an attacker to leak information in the context of the current process.

CVE-2021-44439 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In addition, JTTK library in affected products is vulnerable to a memory corruption condition while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44440 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

Also, JTTK library contains an out-of-bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44441 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In another issue, JTTK library contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44442 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

In addition, JTTK library contains an out-of-bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44443 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

Also, JTTK library in affected products is vulnerable to an out-of-bounds read past the end of an allocated buffer when parsing specially crafted JT files. This could allow an attacker to leak information in the context of the current process.

CVE-2021-44444 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 3.3.

Finally, JTTK library contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2021-44445 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.

The product is used in multiple industrial sectors worldwide.

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely. However, an attacker with low skill level could leverage these low complexity vulnerabilities.

Siemens has released an update for the following versions:

Siemens identified the following specific workarounds and mitigations users can apply to reduce the risk:

  • Avoid opening untrusted files from unknown sources using JTTK
  • Avoid opening untrusted files from unknown sources in JT Utilities

As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for Industrial Security and following the recommendations in the product manuals.

For more information about this issue, see Siemens security advisory SSA-802578.

Disclaimer

Bentley Systems Inc. published this content on 30 December 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 30 December 2021 15:36:04 UTC.