CVE-2021-34293

CVE-2021-34293

Vendor Siemens

Product JT2Go

Weakness CWE-787

Published July 13, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13020)

Key dates

02Disclosure timeline

July 13, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-34293 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

Identifiers

CVE CVE-2021-34293

CWE CWE-787

Affected versions

Vendor Siemens

Product JT2Go

Affected All versions < V13.2

Vendor Siemens

Product Teamcenter Visualization

Affected All versions < V13.2

01Description

02Disclosure timeline

03References

04Related CVE