Buffer overflow in Siemens Jttk

CVE-2021-44442

A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specia…

Vulnerability class: Buffer Overflow

EPSS: 0.004 (62.2th percentile) — read the EPSS interpretation.

Affected products

Siemens Jttk — versions All versions < V11.1.1.0
Siemens Jt Utilities — versions All versions < V13.1.1.0

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

References

cert-portal.siemens.com/productcert/pdf/ssa-802578.pdf (x_refsource_MISC)