Buffer overflow in Siemens Jttk

CVE-2021-44449

A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing special…

Vulnerability class: Buffer Overflow

EPSS: 0.004 (62.2th percentile) — read the EPSS interpretation.

Affected products

Siemens Jttk — versions All versions < V10.8.1.1
Siemens Jt Utilities — versions All versions < V12.8.1.1

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf (x_refsource_MISC)