Siemens patches 21 vulnerabilities in two of its virtualization software tools that, if exploited, could enable attackers to gain remote control, exfiltrate data, and cause systems to crash. The company is urging customers to shift to updated versions of the software that fix the flaws.
Siemens reports that the flaws dubbed SSA-663999 are file parsing vulnerabilities that affect Teamcenter, an enterprise visualization tool, and JT2Go, a 3D viewing tool, in versions earlier than V13.1.0.1. The flaws come into effect when the tools read files in formats such as BMP, PAR, TIFF, etc.
To help prevent attacks, Siemens also advises users to limit the opening of untrusted files from unknown sources in the affected products.
To Read More: Govinfosecurity