PT-2012-55: Remote code execution in Siemens Teamcenter

Vulnerable product

Siemens Teamcenter
Version: 2007 and 8.0
Application link: http://www.plm.automation.siemens.com/en_us/products/teamcenter/index.shtml

Severity level

Severity level: High
Impact: Remote code execution
Access Vector: Remote
CVSS v2:
Base Score: 10
Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE: not assigned

Product description

Teamcenter product life cycle management software helps companies deliver increasingly complex products while maximizing productivity and streamlining global operations.

Vulnerability description

The specialists of Positive Research, the Positive Technologies company research center, found a remote code execution vulnerability in Siemens Teamcenter.
The vulnerability in the Teamcenter Secure File Management Service (tcfs) exists because of invalid usage of the memcpy function, with the destination address and length received from a TCP packet.

How to fix

Update your software to the latest version.

Advisory status

09.10.2012 - Vendor is notified
09.10.2012 - Vendor gets vulnerability details
13.11.2012 - Vendor publishes fix information
04.02.2013 - Public disclosure

Credits

The vulnerability was discovered by Ilya Smit, Dmitry Efanov, Positive Research Center (Positive Technologies Company)

References

http://en.securitylab.ru/lab/PT-2012-55
http://support.industrysoftware.automation.siemens.com/gtac.shtml

Reports on the vulnerabilities previously discovered by Positive Research:
http://ptsecurity.com/research/advisory/
http://en.securitylab.ru/lab/
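
The bug class named in the vulnerability description, shown from the defensive side as an added example; this is not Teamcenter or Positive Technologies code. The 8-byte header layout, the buffer size and all function names are hypothetical; the point is that a packet may name only an offset into a known buffer, and that offset and length are both checked before memcpy runs.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define STORE_SIZE 4096u  /* constructed size of the server-side buffer */
#define HDR_SIZE   8u     /* hypothetical header: 4-byte offset + 4-byte length */

static unsigned char store[STORE_SIZE];

static uint32_t rd_be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

static void wr_be32(unsigned char *p, uint32_t v) {
    p[0] = (unsigned char)(v >> 24); p[1] = (unsigned char)(v >> 16);
    p[2] = (unsigned char)(v >> 8);  p[3] = (unsigned char)v;
}

/* Unsafe pattern named in the advisory: memcpy() whose destination and
 * length are taken from the packet as-is. Here the packet may only name an
 * offset into `store`, and both fields are validated before the copy.
 * Returns 0 on success, -1 if the request is rejected. */
int handle_write(const unsigned char *pkt, size_t pkt_len) {
    if (pkt_len < HDR_SIZE) return -1;            /* truncated header */
    uint32_t offset = rd_be32(pkt);
    uint32_t length = rd_be32(pkt + 4);
    if (length > pkt_len - HDR_SIZE) return -1;   /* claims more than was received */
    if (offset > STORE_SIZE) return -1;           /* destination outside the buffer */
    if (length > STORE_SIZE - offset) return -1;  /* subtraction form cannot wrap */
    memcpy(store + offset, pkt + HDR_SIZE, length);
    return 0;
}

/* Builds a constructed request and feeds it to the handler. */
int try_request(uint32_t offset, uint32_t length, size_t payload_len) {
    unsigned char pkt[HDR_SIZE + 64] = {0};
    if (payload_len > 64) return -1;
    wr_be32(pkt, offset);
    wr_be32(pkt + 4, length);
    memset(pkt + HDR_SIZE, 0x41, payload_len);
    return handle_write(pkt, HDR_SIZE + payload_len);
}

int main(void) {
    /* in-bounds request accepted, request crossing the buffer end rejected */
    return !(try_request(0, 16, 16) == 0 && try_request(4090, 16, 16) == -1);
}
```

Writing the range check as `length > STORE_SIZE - offset` rather than `offset + length > STORE_SIZE` matters: the sum of two 32-bit fields can wrap and pass the second form.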