all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-429204 V1.0: Open Design Alliance Drawings SDK Vulnerabilities in JT2Go and Teamcenter Visualization

Add to bookmarks
July 12, 2022, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com


JT2Go and Teamcenter Visualization are affected by multiple file parsing vulnerabilities in Drawings SDK from Open Design Alliance. If a user is tricked to open a malicious DWG file with any of the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.



Siemens has released updates for the affected products and recommends to update to the latest versions.



Note:




  • This advisory covers security vulnerabilities recently disclosed by Open Design Alliance [0]



[0] https://www.opendesign.com/security-advisories

alliance application crash design dwg file malicious parsing products sdk ssa visualization vulnerabilities

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-750274 V1.0: Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual … 3 weeks, 2 days ago | cert-portal.siemens.com
addresses advisory alto countermeasures +22
SSA-222019 V1.0: X_T File Parsing Vulnerabilities in Parasolid 1 month ago | cert-portal.siemens.com
application applications attacker code +12
SSA-885980 V1.0: Multiple Vulnerabilities in Scalance W1750D 1 month ago | cert-portal.siemens.com
attacker buffer buffer overflow code +16
SSA-822518 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 … 1 month ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-455250 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices 1 month ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-265688 V1.0: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 1 month ago | cert-portal.siemens.com
countermeasures fix fixes gnu +7
SSA-730482 V1.0: Denial of Service Vulnerability in SIMATIC WinCC 1 month ago | cert-portal.siemens.com
attacker box denial of service dialog +14
SSA-556635 V1.0: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0 1 month ago | cert-portal.siemens.com
1.2.0 basic fixes server +4
SSA-128433 V1.0: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2 1 month ago | cert-portal.siemens.com
latest nms siemens sinec +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Manager, Response Analytics & Insights (Fraud Threat Management)

@ Scotiabank | Toronto, ON, CA, M3C0N5
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | Buffalo, NY, United States
View on infosec-jobs.com

Information System Security Engineer (ISSE) – Risk Management Framework (RMF), AWS, ACAS, ESS.

@ ARA | Raleigh, North Carolina, United States
View on infosec-jobs.com

2024 Fall Cybersecurity Engineering Intern | Novi, MI

@ Dana Incorporated | Novi, MI, US, 48377
View on infosec-jobs.com

Consultant Sharepoint

@ Talan | Luxembourg, Luxembourg
View on infosec-jobs.com

Senior Information Systems Security Officer (ISSO) - onsite Tucson, AZ

@ RTX | AZ842: RMS AP Bldg 842 1151 East Hermans Road Building 842, Tucson, AZ, 85756 USA
View on infosec-jobs.com
View more jobs