CVE-2024-37997: 
Siemens JT2Go vulnerability analysis and mitigation

A stack-based buffer overflow vulnerability (CVE-2024-37997) was identified in multiple Siemens products including JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), and various versions of Teamcenter Visualization. The vulnerability was discovered and disclosed in July 2024, affecting applications that parse XML files (Siemens Advisory, CISA Advisory).

The vulnerability is classified as a stack-based buffer overflow (CWE-121) that occurs while parsing specially crafted XML files. It has received a CVSS v3.1 base score of 7.8 (HIGH) with vector string AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and a CVSS v4.0 base score of 7.3 with vector string CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (Siemens Advisory).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current process. The vulnerability affects critical manufacturing sectors worldwide and requires user interaction to open a malicious XML file (CISA Advisory).

Siemens has released updates for all affected products and recommends updating to the latest versions: JT Open to V11.5 or later, JT2Go to V2406.0003 or later, PLM XML SDK to V7.1.0.014 or later, and respective updates for various Teamcenter Visualization versions. As a workaround, users are advised not to open untrusted XML files in affected applications (Siemens Advisory, Siemens Advisory 2).