CVE-2022-47936
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-12-23 CVE Reserved
- 2023-02-14 CVE Published
- 2024-07-27 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-121: Stack-based Buffer Overflow
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf | 2023-02-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Jt Open Toolkit Search vendor "Siemens" for product "Jt Open Toolkit" | < 11.2.3.0 Search vendor "Siemens" for product "Jt Open Toolkit" and version " < 11.2.3.0" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Jt Utilities Search vendor "Siemens" for product "Jt Utilities" | < 11.2.3.0 Search vendor "Siemens" for product "Jt Utilities" and version " < 11.2.3.0" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Parasolid Search vendor "Siemens" for product "Parasolid" | >= 34.0 < 34.0.252 Search vendor "Siemens" for product "Parasolid" and version " >= 34.0 < 34.0.252" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Parasolid Search vendor "Siemens" for product "Parasolid" | >= 34.1 < 34.1.242 Search vendor "Siemens" for product "Parasolid" and version " >= 34.1 < 34.1.242" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Parasolid Search vendor "Siemens" for product "Parasolid" | >= 35.0 < 35.0.170 Search vendor "Siemens" for product "Parasolid" and version " >= 35.0 < 35.0.170" | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Parasolid Search vendor "Siemens" for product "Parasolid" | >= 35.1 < 35.1.150 Search vendor "Siemens" for product "Parasolid" and version " >= 35.1 < 35.1.150" | - |
Affected
| ||||||