Description
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
Related CPE's
Vulnerable
Vulnerable
Vulnerable
References
https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf
Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01
Third Party AdvisoryUS Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-21-566/
Third Party AdvisoryVDB Entry
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-05-27T17:15:07.950
4 years agoLast modified
2021-06-09T18:14:09.383
4 years ago