Lucene search
SiemensCVELIST:CVE-2021-34326HistoryJul 13, 2021 - 11:03 a.m.
CVE-2021-34326
2021-07-1311:03:42
CWE-122
siemens
www.cve.org
0.001 Low
EPSS
Percentile
35.7%
A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13422)
CNA Affected
[
{
"product": "JT2Go",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V13.2"
}
]
},
{
"product": "Solid Edge SE2021",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions < SE2021MP5"
}
]
},
{
"product": "Teamcenter Visualization",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V13.2"
}
]
}
]Related
nvd
nvd
CVE-2021-34326
2021-07-13 11:15:12
cve
cve
CVE-2021-34326
2021-07-13 11:15:12
zdi
zdi
prion
prion
Heap overflow
2021-07-13 11:15:00
ics
ics
Siemens Solid Edge
2021-07-14 12:00:00
Siemens JT2Go and Teamcenter Visualization
2021-07-13 12:00:00
nessus
nessus
Siemens JT2Go < 13.2 Multiple Vulnerabilities (SSA-483182)
2021-07-15 00:00:00