CVE-2021-25173
published 2021-01-18CVE-2021-25173: An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opendesign | drawings_software_development_kit | < 2021.12 | 2021.12 |
| siemens | comos | < 10.4.1 | 10.4.1 |
| siemens | jt2go | < 13.1.0.1 | 13.1.0.1 |
| siemens | teamcenter_visualization | < 13.1.0.1 | 13.1.0.1 |