Siemens JT2Go and Teamcenter Visualization products

🗓️ 10 Aug 2021 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 44 Views

Siemens JT2Go & Teamcenter Visualization products affected by use after free, out-of-bounds write, and read vulnerabilities allowing arbitrary code execution or denial-of-service

Reporter	Title	Published	Views	Family All 94
Circl	CVE-2021-32936	17 Jun 202116:41	–	circl
Circl	CVE-2021-32938	17 Jun 202116:41	–	circl
Circl	CVE-2021-32944	17 Jun 202116:41	–	circl
Circl	CVE-2021-32950	17 Jun 202116:41	–	circl
Circl	CVE-2021-33717	10 Aug 202114:37	–	circl
CNNVD	Open Design Alliance Drawings SDK 缓冲区错误漏洞	9 Jun 202100:00	–	cnnvd
CNNVD	Open Design Alliance Drawings SDK 缓冲区错误漏洞	9 Jun 202100:00	–	cnnvd
CNNVD	Open Design Alliance Drawings SDK 缓冲区错误漏洞	9 Jun 202100:00	–	cnnvd
CNNVD	Open Design Alliance Drawings SDK 缓冲区错误漏洞	9 Jun 202100:00	–	cnnvd
CNNVD	Open Design Alliance Drawings SDK 缓冲区错误漏洞	9 Jun 202100:00	–	cnnvd

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-365397.json
cert-portal	www.cert-portal.siemens.com/productcert/txt/ssa-365397.txt
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-222-01.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-21-222-01
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf

10 Aug 2021 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 26.8

CVSS 3.17.8

EPSS0.00375