CVE-2023-38074

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 12, 2023

Updated: Jan 25, 2024

CWE ID 843

Summary

CVE-2023-38074 is a newly discovered vulnerability affecting multiple Siemens software applications, including JT2Go (versions < V14.3.0.1), Teamcenter Visualization (versions < indicated), and Tecnomatix Plant Simulation (versions < indicated). These applications contain a type confusion vulnerability when processing WRL files, which could enable an attacker to execute arbitrary code in the context of the current process. This issue was identified by ZDI and poses a significant risk if not addressed promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens Teamcenter Visualization
Siemens JT2GO
Teamcenter

Affected Vendors

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sqYm4z
https://www.cve.org/CVERecord?id=CVE-2023-38074
https://nvd.nist.gov/vuln/detail/CVE-2023-38074

Back to Vulnerability Database