Buffer overflow in Siemens Jttk

CVE-2021-44435

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An at…

Vulnerability class: Buffer Overflow

EPSS: 0.009 (75.3th percentile) — read the EPSS interpretation.

Affected products

Siemens Jttk — versions All versions < V11.1.1.0
Siemens Jt Utilities — versions All versions < V13.1.1.0

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

References

cert-portal.siemens.com/productcert/pdf/ssa-802578.pdf (x_refsource_MISC)