Description
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Scores
CVSS v3
5.5
EPSS
0.0016
EPSS Percentile
37.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-190
CWE-680
Status
published
Products (2)
siemens/jt2go
< 13.3.0.3
siemens/teamcenter_visualization
13.3 - 13.3.0.3
Published
May 20, 2022
Tracked Since
Feb 18, 2026