-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# SSA-629917: Datalogics File Parsing Vulnerability in Teamcenter Visualization
and JT2Go

Publication Date:        2023-04-11
Last Update:             2023-04-11
Current Version:         1.0
CVSS v3.1 Base Score:    7.8


SUMMARY
=======

Siemens Teamcenter Visualization and JT2Go are affected by a memory
corruption vulnerability in the APDFL library from Datalogics. If a
user is tricked to open a malicious PDF file with the affected
products, this could lead the application to crash or potentially lead
to arbitrary code execution.

Siemens has released updates for the affected products and recommends
to update to the latest versions.


AFFECTED PRODUCTS AND SOLUTION
==============================


* JT2Go 
  - Affected versions:
       All versions < V14.2.0.2
  - Remediation:
       Update to V14.2.0.2 or later version
  
       See recommendations from section "Workarounds and Mitigations"
  - Download:
       https://www.plm.automation.siemens.com/global/en/products/plm-compone
       nts/jt2go.html


* Teamcenter Visualization V13.2 
  - Affected versions:
       All versions < V13.2.0.13
  - Remediation:
       Update to V13.2.0.13 or later version
  
       See recommendations from section "Workarounds and Mitigations"
  - Download:
       https://support.sw.siemens.com/


* Teamcenter Visualization V13.3 
  - Affected versions:
       All versions < V13.3.0.9
  - Remediation:
       Update to V13.3.0.9 or later version
  
       See recommendations from section "Workarounds and Mitigations"
  - Download:
       https://support.sw.siemens.com/


* Teamcenter Visualization V14.0 
  - Affected versions:
       All versions < V14.0.0.5
  - Remediation:
       Update to V14.0.0.5 or later version
  
       See recommendations from section "Workarounds and Mitigations"
  - Download:
       https://support.sw.siemens.com/


* Teamcenter Visualization V14.1 
  - Affected versions:
       All versions < V14.1.0.7
  - Remediation:
       Update to V14.1.0.7 or later version
  
       See recommendations from section "Workarounds and Mitigations"
  - Download:
       https://support.sw.siemens.com/


* Teamcenter Visualization V14.2 
  - Affected versions:
       All versions < V14.2.0.2
  - Remediation:
       Update to V14.2.0.2 or later version
  
       See recommendations from section "Workarounds and Mitigations"
  - Download:
       https://support.sw.siemens.com/



WORKAROUNDS AND MITIGATIONS
===========================

Siemens has identified the following specific workarounds and mitigations that
customers can apply to reduce the risk:

  * Avoid to open untrusted files in JT2Go and Teamcenter Visualization

Product-specific remediations or mitigations can be found in the section
"Affected Products and Solution".
Please follow the "General Security Recommendations".

GENERAL SECURITY RECOMMENDATIONS
================================

As a general security measure, Siemens strongly recommends to protect
network access to devices with appropriate mechanisms. In order to
operate the devices in a protected IT environment, Siemens recommends
to configure the environment according to Siemens' operational
guidelines for Industrial Security (Download:

https://www.siemens.com/cert/operational-guidelines-industrial-
security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found
at: https://www.siemens.com/industrialsecurity


PRODUCT DESCRIPTION
===================

JT2Go is a 3D JT viewing tool to allow users to view JT, PDF, Solid
Edge, PLM XML with available JT, VFZ, CGM, and TIF data.

Teamcenter Visualization software enables enterprises to enhance their
product lifecycle management (PLM) environment with a comprehensive
family of visualization solutions. The software enables enterprise
users to access documents, 2D drawings and 3D models in a single
environment.


VULNERABILITY CLASSIFICATION
============================

The vulnerability classification has been performed by using the CVSS scoring
system in version 3.1 (CVSS v3.1) (https://www.first.org/cvss/). The CVSS
environmental score is specific to the customer's environment and will impact
the overall CVSS score. The environmental score should therefore be
individually defined by the customer to accomplish final scoring.

An additional classification has been performed using the CWE classification, a
community-developed list of common software security weaknesses. This serves as
a common language and as a baseline for weakness identification, mitigation,
and prevention efforts. A detailed list of CWE classes can be found at:
https://cwe.mitre.org/.



* Vulnerability CVE-2023-1709

  The APDFL.dll contains a memory corruption vulnerability while
  parsing specially crafted PDF files. This could allow an attacker to
  execute code in the context of the current process.

    CVSS v3.1 Base Score: 7.8
    CVSS Vector:          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
    CWE:                  CWE-121: Stack-based Buffer Overflow




ACKNOWLEDGMENTS
===============

Siemens thanks the following party for its efforts:

   * Michael Heinzl for coordinated disclosure


ADDITIONAL INFORMATION
======================

This advisory covers security vulnerabilities (CVE-2023-1709) in
APDFL
library in Datalogics [1].

[1] Datalogics Release Notes SF#45203: 

https://dev.datalogics.com/adobe-pdf-library/release-notes-adobe-pdf-
library-v-18/

For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:

https://www.siemens.com/cert/advisories


HISTORY DATA
============

V1.0 (2023-04-11): Publication date

TERMS OF USE
============

Siemens Security Advisories are subject to the terms and conditions contained
in Siemens' underlying license terms or other applicable agreements previously
agreed to with Siemens (hereinafter "License Terms"). To the extent applicable
to information, software or documentation made available in or through a
Siemens Security Advisory, the Terms of Use of Siemens' Global Website
(https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in
particular Sections 8-10 of the Terms of Use, shall apply additionally. In case
of conflicts, the License Terms shall prevail over the Terms of Use.

Copyright: Siemens 2023
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEHyx/myPwjH9jB9tDlm7gTEmyujQFAmQ0owAACgkQlm7gTEmy
ujRitw//b21W1jdxvrHImbr269b5lK8iUcGmh3pXiswTf0Sf8VION7fQ/1828gja
wtO1K6I8pzgnFMlYZ2Z4dmejegc78x64ni66Wr59SmM5cD2By+tEpMJRdDl/0xaF
wghOR1LC+QIyvpUyH30axcC4LoB2AMCIT98pNHupXEN7JI3ALfkTXQY0qvlkZhzA
Dq06ep382mIqyUan3pSJ/IjXrM8RRhfwPx/MCFlksPPotkMguB9c03HmYOmuctYM
Vsmc1hkD7AfVfAsuVybluja8UP3RjLqX20q1t7rzKoV+qXYXYOQWXB9qQDpsyUvt
YZtbfu3eh66wtSmGoH2234Y5+NUIaa6vkqVuwMFwLxCkxY364Kj+Hc52k2EV2+jn
i9woCpgX0K6UKPJ5CXCrnPrwjWKUPhUMLccdvIPPjshlXom+Cq6MdSxYngVtccWJ
pvRyXTlfaLPm6EGqG3VKts3QOx0a42vfKrIAmj/Q73/zmN5WAdK7oE+C9bsgpDvX
E8EXz/ORCCbrV4I6T/Vn/Rk0joKKJFgPdrUPLEGz3IcfGA5HUEbbbb53i7Vf1tOp
dukrH60Nj8LOTPRAwTQslEKRzwy7WOURafOU7hPDdBJe8sD2vbO8Q/UzaUyW+E0y
2IJLib1W2WcglYUuW2EhKIoO4On3bFzRUO9gBMK7ZO5aq1jnswA=
=L4TJ
-----END PGP SIGNATURE-----