High severity7.8NVD Advisory· Published Dec 14, 2021· Updated Jun 17, 2026
CVE-2021-44446
CVE-2021-44446
Description
A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14828, ZDI-CAN-14898)
Affected products
4< V11.0.3.0+ 1 more
- (no CPE)range: < V11.0.3.0
- (no CPE)range: All versions < V11.0.3.0
< V13.0.3.0+ 1 more
- (no CPE)range: < V13.0.3.0
- (no CPE)range: All versions < V13.0.3.0
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/pdf/ssa-352143.pdfnvdVendor Advisory
News mentions
0No linked articles in our index yet.