Siemens JT2Go and Teamcenter Visualization

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could lead to arbitrary code execution or information leakage.

CVE-2020-26991 CVE-2020-26998 CVE-2020-26999 CVE-2020-27001 CVE-2020-27002

Update to V13.1.0.2 or later version
Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Siemens

Siemens · JT2Go < V13.1.0.2

Siemens · Teamcenter Visualization < V13.1.0.2

Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.