Out-of-bounds Read in Siemens Jttk

CVE-2021-44436

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing spec…

Vulnerability class: Buffer Overflow

EPSS: 0.002 (40.8th percentile) — read the EPSS interpretation.

Affected products

Siemens Jttk — versions All versions < V11.1.1.0
Siemens Jt Utilities — versions All versions < V13.1.1.0

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

cert-portal.siemens.com/productcert/pdf/ssa-802578.pdf (x_refsource_MISC)