CVE-2021-44446

CVE-2021-44446

Vendor Siemens

Product JT Utilities

Weakness CWE-787

Published December 14, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14828, ZDI-CAN-14898)

Key dates

02Disclosure timeline

December 14, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-44446 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

Identifiers

CVE CVE-2021-44446

CWE CWE-787

Affected versions

Vendor Siemens

Product JT Utilities

Affected All versions < V13.0.3.0

Vendor Siemens

Product JTTK

Affected All versions < V11.0.3.0

01Description

02Disclosure timeline

03References

04Related CVE