Design/Logic Flaw

2023-09-1210:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

jt2go

teamcenter visualization

tecnomatix plant simulation

code execution

wrl files

out of bounds write

security flaw

exploit

process context

0.001 Low

EPSS

Percentile

32.3%

JSON

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)

CPENameOperatorVersion
jt2golt14.3.0.1
teamcenter_visualizationge14.2
teamcenter_visualizationlt14.2.0.6
teamcenter_visualizationge14.3
teamcenter_visualizationlt14.3.0.1
teamcenter_visualizationge14.0
teamcenter_visualizationlt14.1.0.11
teamcenter_visualizationge13.3.0
teamcenter_visualizationlt13.4.0.12
tecnomatix_plant_simulationge2201.0

Name	Operator	Version
jt2go	lt	14.3.0.1
teamcenter_visualization	ge	14.2
teamcenter_visualization	lt	14.2.0.6
teamcenter_visualization	ge	14.3
teamcenter_visualization	lt	14.3.0.1
teamcenter_visualization	ge	14.0
teamcenter_visualization	lt	14.1.0.11
teamcenter_visualization	ge	13.3.0
teamcenter_visualization	lt	13.4.0.12
tecnomatix_plant_simulation	ge	2201.0