{"cve":{"cve_id":"CVE-2022-41851","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00232,"epss_percentile":0.13761,"epss_as_of":"2026-06-23","description":"A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-16973)","published_at":"2022-10-11T00:00:00Z","last_modified_at":null,"cvss_v3_score":7.8,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"total","cwes":["CWE-824"],"nvd_references":["https://cert-portal.siemens.com/productcert/pdf/ssa-611756.pdf"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:20:09.065395Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"siemens","vendor_name":"Siemens","product_slug":"jttk","product_name":"JTTK","version_start":"All versions < V11.1.1.0","version_start_inclusive":true,"version_end":"All versions < V11.1.1.0","version_end_inclusive":true,"cpe23_uri":"cve5:siemens:jttk:All versions < V11.1.1.0:All versions < V11.1.1.0"},{"vendor_slug":"siemens","vendor_name":"Siemens","product_slug":"simcenter-femap-v2022.1","product_name":"Simcenter Femap V2022.1","version_start":"All versions < V2022.1.3","version_start_inclusive":true,"version_end":"All versions < V2022.1.3","version_end_inclusive":true,"cpe23_uri":"cve5:siemens:simcenter-femap-v2022.1:All versions < V2022.1.3:All versions < V2022.1.3"},{"vendor_slug":"siemens","vendor_name":"Siemens","product_slug":"simcenter-femap-v2022.2","product_name":"Simcenter Femap V2022.2","version_start":"All versions < V2022.2.2","version_start_inclusive":true,"version_end":"All versions < V2022.2.2","version_end_inclusive":true,"cpe23_uri":"cve5:siemens:simcenter-femap-v2022.2:All versions < V2022.2.2:All versions < V2022.2.2"}],"exploit_refs":[],"news":[],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-611756.pdf","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2022-10-11T00:00:00Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:24:02.830174Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:24:02.830174Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:24:02.830174Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:20:09.065395Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:20:09.065395Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:20:09.065395Z","label":"SSVC decision revised","source":"vulnrichment"}]}