Description

Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.

Related CPE's

a

datakit

crosscadware

Vulnerable

a

luxion

keyshot

Vulnerable

o

siemens

solid_edge_se2020_firmware

Vulnerable

h

siemens

solid_edge_se2020

-

o

siemens

solid_edge_se2021_firmware

Vulnerable

h

siemens

solid_edge_se2021

-

References

https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf

Third Party Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01

Third Party AdvisoryUS Government Resource

https://www.zerodayinitiative.com/advisories/ZDI-21-566/

Third Party AdvisoryVDB Entry

Weaknesses

[email protected]

Primary
CWE-125

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-05-27T17:15:07.950

4 years ago

Last modified

2021-06-09T18:14:09.383

4 years ago