CVE-2023-7066 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
siemens	jt2go	𝑥 < 14.3.0.8	ADP
siemens	teamcenter_visualization	𝑥 < 14.1.0.14	ADP
siemens	teamcenter_visualization	𝑥 < 14.2.0.10	ADP
siemens	teamcenter_visualization	𝑥 < 14.3.0.8	ADP
siemens	teamcenter_visualization	𝑥 < 2312.0002	ADP
siemens	teamcenter_visualization	𝑥 < 14.1.0.14	ADP
siemens	teamcenter_visualization	𝑥 < 14.2.0.10	ADP
siemens	teamcenter_visualization	𝑥 < 14.3.0.8	ADP
siemens	teamcenter_visualization	𝑥 < 2312.0002	ADP
siemens	teamcenter_visualization	𝑥 < 14.1.0.14	ADP
siemens	teamcenter_visualization	𝑥 < 14.2.0.10	ADP
siemens	teamcenter_visualization	𝑥 < 14.3.0.8	ADP
siemens	teamcenter_visualization	𝑥 < 2312.0002	ADP
siemens	teamcenter_visualization	𝑥 < 14.1.0.14	ADP
siemens	teamcenter_visualization	𝑥 < 14.2.0.10	ADP
siemens	teamcenter_visualization	𝑥 < 14.3.0.8	ADP
siemens	teamcenter_visualization	𝑥 < 2312.0002	ADP

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

https://cert-portal.siemens.com/productcert/html/ssa-722010.html

https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-03