CVE-2022-29028
MEDIUMJT2Go, Teamcenter Visualization <13.3.0.3, 14.0.0.1 - DoS
Title source: llmDescription
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf
Scores
CVSS v3
5.5
EPSS
0.0050
EPSS Percentile
38.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-835
Status
published
Products (2)
siemens/jt2go
< 13.3.0.3
siemens/teamcenter_visualization
13.3 - 13.3.0.3
Published
May 20, 2022
Tracked Since
Feb 18, 2026