

Rewterz Threat Advisory – CVE-2021-20591 – ICS: Mitsubishi Electric MELSEC iQ-R Series
May 28, 2021
Rewterz Threat Advisory – Russian SolarWinds hackers launch new phishing campaign
May 28, 2021
Severity
High
Analysis Summary
CVE-2020-26998
Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information.
CVE-2020-26999
Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information.
CVE-2020-27001
Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process.
CVE-2020-27002
Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process.
CVE-2020-26991
Affected applications lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process.
Impact
- Information breach
- Code execution
Affected Vendors
Siemens
Affected Products
- JT2Go: All versions prior to v13.1.0.2
- Teamcenter Visualization: All versions prior to v13.1.0.2
Remediation
Refer to the vendor advisory for the complete list of affected products and their respective patches: https://us-cert.cisa.gov/ics/advisories/icsa-21-147-04