Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Siemens Updates JT Open PLM XML SDK Globally

July 11, 2024
Reading Time: 2 mins read
in Alerts

Siemens has released updates addressing vulnerabilities in its JT Open and PLM XML SDK software. These vulnerabilities, including a NULL pointer dereference and a stack-based buffer overflow, could allow attackers to crash the applications or execute arbitrary code. The vulnerabilities impact all versions of the software, and Siemens advises users to update to JT Open version 11.5 and PLM XML SDK version 7.1.0.014 or later.

The affected vulnerabilities include CWE-476 (NULL pointer dereference) and CWE-121 (stack-based buffer overflow). The first vulnerability could result in application crashes due to malformed XML files, while the second could allow code execution in the context of the current process. Both vulnerabilities have been assigned CVEs, with CVE-2024-37996 and CVE-2024-37997 having CVSS v4 scores of 4.8 and 7.3, respectively.

Siemens has provided recommendations for users to avoid these vulnerabilities. Besides updating to the latest versions, users are urged not to open untrusted XML files in affected applications. Siemens also recommends general security measures, such as protecting network access to devices and following the company’s industrial security guidelines.

CISA supports Siemens’ mitigations by advising organizations to minimize network exposure for control system devices, place them behind firewalls, and use VPNs for remote access. While no public exploitation of these vulnerabilities has been reported, Siemens and CISA encourage implementing defense-in-depth strategies to safeguard critical infrastructure.

Reference:
  • Siemens Addresses Critical Flaws in JT Open PLM XML SDK Globally
Tags: Cyber AlertsCyber Alerts 2024Cyber threatsJuly 2024SDKSiemensSoftwareVulnerabilities
ADVERTISEMENT

Related Posts

Chrome Extensions Leak Data And API Keys

Chrome Extensions Leak Data And API Keys

June 6, 2025
Chrome Extensions Leak Data And API Keys

AMOS Stealer Hits macOS Via Fake CAPTCHA

June 6, 2025
Chrome Extensions Leak Data And API Keys

BADBOX Turns 1M+ IoT Devices Into Proxies

June 6, 2025
UNC6040 Vishing Group Target Salesforce Data

UNC6040 Vishing Group Target Salesforce Data

June 5, 2025
New Chaos RAT Variant Hits Windows and Linux

New Chaos RAT Variant Hits Windows and Linux

June 5, 2025
New Chaos RAT Variant Hits Windows and Linux

FBI Warns Hedera NFT Airdrop Crypto Scam

June 5, 2025

Latest Alerts

AMOS Stealer Hits macOS Via Fake CAPTCHA

Chrome Extensions Leak Data And API Keys

BADBOX Turns 1M+ IoT Devices Into Proxies

FBI Warns Hedera NFT Airdrop Crypto Scam

New Chaos RAT Variant Hits Windows and Linux

UNC6040 Vishing Group Target Salesforce Data

Subscribe to our newsletter

    Latest Incidents

    German Dog Rescue IG Hacked For Ransom

    Hack Attempt Hits German Police Phone System

    InfoJobs Spain Hit By Credential Stuffing

    KiranaPro Startup Hacked All Data Wiped

    Nervos Bridge Paused After $3.9 Million Hack

    Ukraine GUR Claims Tupolev Data Theft Hack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial