1. Home
  2. CVE Database
  3. CVE-2022-47935
HIGH · 7.8

CVE-2022-47935

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulne...

Vulnerability Description

A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078)

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
SiemensJt Open Toolkit< 11.1.1.0
SiemensJt Utilities< 13.1.1.0
SiemensSolid Edge< se2023

Related Weaknesses (CWE)

CWE-119CWE-787

References

FAQ

What is CVE-2022-47935?

CVE-2022-47935 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulne...

How severe is CVE-2022-47935?

CVE-2022-47935 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-47935?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Jt Open Toolkit, Siemens Jt Utilities, Siemens Solid Edge.