The biggest advisory covers 21 security holes affecting JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format), and Teamcenter Visualization, which provides organizations visualization solutions for documents, 2D drawings and 3D models. These products are made by Siemens Digital Industries Software, which specializes in product lifecycle management (PLM) solutions.
All of these vulnerabilities are related to how certain types of files are parsed by these products. An attacker can exploit them for arbitrary code execution, data extraction and DoS attacks if they can trick the targeted user into opening a malicious file.
