CVE-2020-28394

Siemens JT2Go and Teamcenter Visualization are affected by CVE-2020-28394 (RAS file parsing) where improper validation can cause an out-of-bounds read, potentially exposing data in the current process. Affected versions are JT2Go and Teamcenter Visualization prior to v13.1.0.1. The issue allows i...

CVE-2020-27007

CVE-2020-27007 affects Siemens JT2Go and Teamcenter Visualization (all versions before v13.1.0.1). The issue is an out-of-bounds read when parsing HPG files due to insufficient validation of user-supplied data, which can disclose data in the context of the current process. ZDI advisories describe...

CVE-2020-27007

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of HPG files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-27008

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of PLT files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-28394

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of RAS files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-27006

Siemens JT2Go (before 13.1.0.1) and Teamcenter Visualization (before 13.1.0.1) are affected by CVE-2020-27006 due to improper validation while parsing PCT files, causing a memory corruption condition that could allow code execution in the context of the current process. Connected advisories confi...

CVE-2020-27002

Siemens JT2Go and Teamcenter Visualization are affected by CVE-2020-27002 via PAR-file parsing: out-of-bounds read that could disclose data or, per related advisories, enable code execution in the current process. Affected versions are JT2Go and Teamcenter Visualization before 13.1.0.2. Mitigatio...

CVE-2020-27001

CVE-2020-27001 affects Siemens JT2Go < 13.1.0.2 and Teamcenter Visualization

CVE-2020-27004

Siemens JT2Go (pre-13.1.0.1) and Teamcenter Visualization (pre-13.1.0.1) are affected by CVE-2020-27004 due to improper validation during CGM file parsing, causing an out-of-bounds memory access and potential data exposure within the current process. The vulnerability is described as an out-of-bo...

CVE-2020-27003

Siemens JT2Go and Teamcenter Visualization (pre-13.1.0.1) are affected by CVE-2020-27003 due to untrusted pointer dereference during TIFF file parsing. The TIFF parsing flaw can allow an attacker to execute arbitrary code in the context of the current process. Public disclosures (ZDI-21-229) desc...

CVE-2020-26998

CVE-2020-26998 affects Siemens JT2Go (all versions) and Teamcenter Visualization prior to 13.1.0.2. The vulnerability is an out-of-bounds read when parsing PAR files, which can leak information. ZDI advisories additionally describe a remote-code-execution angle via crafted PAR/ASM inputs. Siemens...

CVE-2020-26999

Siemens JT2Go and Teamcenter Visualization (JT2Go: all versions before 13.1.0.2; Teamcenter Visualization: all versions before 13.1.0.2) are affected by a PAR file parsing vulnerability. The issue arises from improper validation of user-supplied PAR data, which can cause memory access beyond allo...

CVE-2020-26999

A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-26998

A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-27004

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-27001

A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this...

CVE-2020-27006

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of PCT files. This could result in a memory corruption condition. An attacker could leverage this...

CVE-2020-27000

CVE-2020-27000 affects Siemens JT2Go (all versions < 13.1.0.1) and Teamcenter Visualization (all versions

CVE-2020-27005

Siemens JT2Go and Teamcenter Visualization (

CVE-2020-27002

A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker...