Buffer overflow in Siemens Jttk

CVE-2021-44440

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An at…

Vulnerability class: Buffer Overflow

EPSS: 0.004 (59.0th percentile) — read the EPSS interpretation.

Affected products

Siemens Jttk — versions All versions < V11.1.1.0
Siemens Jt Utilities — versions All versions < V13.1.1.0

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cert-portal.siemens.com/productcert/pdf/ssa-802578.pdf (x_refsource_MISC)