CVE-2021-33715

A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.

Published: Jul 13, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-33715
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
siemens / jt_utilities	-	13.0.2.0

https://cert-portal.siemens.com/productcert/pdf/ssa-209268.pdf

Vulnerability Database

290,020

CVE-2021-33715