CVE-2022-29033

Description

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.293

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in JT2Go 13.1.0.2	Windows
Multiple Vulnerabilities are affected in Siemens Teamcenter Visualization 13.3.0	Windows
Multiple Vulnerabilities are affected in Siemens Teamcenter Visualization *	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-343259	JT2Go (15.1.24284.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234