{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T10:23:16.504","vulnerabilities":[{"cve":{"id":"CVE-2022-39136","sourceIdentifier":"productcert@siemens.com","published":"2022-11-08T11:15:11.247","lastModified":"2024-11-21T07:17:38.893","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones < V14.1.0.4), Teamcenter Visualization V13.2 (Todas las versiones < V13.2.0.12), Teamcenter Visualization V13.3 (Todas las versiones < V13.3.0. 7), Teamcenter Visualization V13.3 (Todas las versiones >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (Todas las versiones < V14.0.0.3), Teamcenter Visualization V14.1 (Todas las versiones < V14.1.0.4). La aplicación afectada es vulnerable al búfer basado en montón de longitud fija mientras analiza archivos TIF especialmente manipulados. Un atacante podría aprovechar esta vulnerabilidad para ejecutar código en el contexto del proceso actual."}],"metrics":{"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*","versionEndExcluding":"14.1.0.4","matchCriteriaId":"FD5EAF75-B0F4-4792-9833-085B9D830FCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*","versionEndIncluding":"13.3.0.7","matchCriteriaId":"68C38035-5616-4F26-BB00-CE837B353144"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.0.0.3","matchCriteriaId":"0F811DB6-3650-4BCB-A538-AAECF63EA085"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1","versionEndExcluding":"14.1.0.4","matchCriteriaId":"175648D0-81ED-4AC9-AF2D-4C9E93814C36"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}