This issue is resolved in APDFL.dll in Siemens JT2Go V14.2.0.18 and Siemens Teamcenter Visualization V14.2.0.18 and later versions. Patch your software as soon as possible. In addition, in Siemens Teamcenter Visualization prior to V14.0.0.2, a user with access to a process could take control of that process by creating a specially crafted PDF document. An attacker could exploit this vulnerability to install a malicious software that would allow the attacker to take control of a Teamcenter process. This issue is resolved in Siemens Teamcenter Visualization V14.2.0.18 and later versions. Patch your software as soon as possible. In addition, in Siemens Teamcenter Visualization prior to V14.0.0.2, a user with access to a process could take control of that process by creating a specially crafted PDF document. An attacker could exploit this vulnerability to install a malicious software that would allow the attacker to take control of a Teamcenter process.
APDFL.dll
- CVE-2022-2069
This vulnerability is a local privilege escalation vulnerability. It allows an unprivileged user to gain administrator privileges on a remote computer through the APDFL32 process. The attacker could exploit this vulnerability to drop a malicious software that would allow the attacker to take control of a Teamcenter process.
APDFL.dll Information
This issue is resolved in APDFL.dll in Siemens JT2Go V14.2.0.18 and Siemens Teamcenter Visualization V14.2.0.18 and later versions. Patch your software as soon as possible. In addition, in Siemens Teamcenter Visualization prior to V14.0.0.2, a user with access to a process could take control of that process by creating a specially crafted PDF document. An attacker could exploit this vulnerability to install a malicious software that would allow the attacker to take control of a Teamcenter process.
Timeline
Published on: 10/20/2022 17:15:00 UTC
Last modified on: 10/21/2022 19:05:00 UTC