CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26993

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer in the font index handling function. An attacker could leverage this vulnerability to execute code in the context of the current process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 73.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

Products affected by CVE-2020-26993

Siemens » Jt2go » Version: N/A

cpe:2.3:a:siemens:jt2go:-
Siemens » Teamcenter Visualization » Version: N/A

cpe:2.3:a:siemens:teamcenter_visualization:-
Siemens » Teamcenter Visualization » Version: 12.4.0

cpe:2.3:a:siemens:teamcenter_visualization:12.4.0
Siemens » Teamcenter Visualization » Version: 13.0.0

cpe:2.3:a:siemens:teamcenter_visualization:13.0.0
Siemens » Teamcenter Visualization » Version: 8.0.9085

cpe:2.3:a:siemens:teamcenter_visualization:8.0.9085

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26993

Products

Pricing

Contact Us