Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-44016

EPSS 0.31% · P54
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-44016

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15110)
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Siemens产品缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens JT2GO等都是德国Siemens公司的产品。Siemens JT2GO是一款JT文件查看器。Siemens Teamcenter Visualization是一个可为设计2D、3D场景提供团队协作功能的软件。Siemens Solid Edge是一款三维CAD软件。 Siemens Solid Edge、JT2Go和Teamcenter Visualization 中存在缓冲区错误漏洞,该漏洞源于 plmxmlAdapterSE70.dll 库在解析特制 PAR 文件时容易受到内存损坏情
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensJT2Go All versions < V13.2.0.7 -
SiemensSolid Edge SE2021 All versions < SE2021MP9 -
SiemensSolid Edge SE2022 All versions < SE2022MP1 -
SiemensTeamcenter Visualization V13.1 All versions < V13.1.0.9 -
SiemensTeamcenter Visualization V13.2 All versions < V13.2.0.7 -
SiemensTeamcenter Visualization V13.3 All versions < V13.3.0.1 -

II. Public POCs for CVE-2021-44016

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-44016

登录查看更多情报信息。

Same Patch Batch · Siemens · 2022-02-09 · 23 CVEs total

CVE-2021-372047.5 HIGHSiemens SIMATIC S7-1500系列产品输入验证错误漏洞
CVE-2021-372057.5 HIGHSiemens SIMATIC S7-1500 系列产品输入验证错误漏洞
CVE-2021-371857.5 HIGHSiemens SIMATIC S7-1500 系列产品输入验证错误漏洞
CVE-2021-46153Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2022-23312Siemens Spectrum Power 跨站脚本漏洞
CVE-2022-23102Siemens SINEMA Remote Connect Server 输入验证错误漏洞
CVE-2021-46161Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46160Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46159Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46158Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46157Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46156Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46155Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46154Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-46152Siemens Simcenter Femap 安全漏洞
CVE-2021-46151Siemens Simcenter Femap 缓冲区错误漏洞
CVE-2021-45106Siemens Sicam Toolbox II 信任管理问题漏洞
CVE-2021-44018多款Siemens产品缓冲区错误漏洞
CVE-2021-44000多款Siemens产品缓冲区错误漏洞
CVE-2021-40363Siemens SIMATIC PCS 7和SIMATIC WinCC 授权问题漏洞

Showing top 20 of 23 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: JT2Go
Same vendor: Siemens
Same weakness: CWE-119

V. Comments for CVE-2021-44016

No comments yet

Leave a comment