Siemens Jt2go and Siemens Teamcenter Visualization Remote Code Execution Vulnerability (CNVD-2021-53353)

Siemens Jt2go and Siemens Teamcenter Visualization are both products of the German company Siemens. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A remote code execution vulnerability exists in Siemens JT2Go versions prior to 13.2 and Teamcenter Visualization versions prior to 13.2. The vulnerability stems from the failure of the BMP_Loader.dll library to properly validate user-supplied data before performing further release operations on objects when parsing BMP files, and can be exploited by attackers to The vulnerability can be exploited to execute code in the context of the current process.