CVE-2021-32938
published 2021-06-17CVE-2021-32938: Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of…
high7.1CVSS 3.1
AVLACLPRNUIRSUCHINAH
Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opendesign | drawings_sdk | < 2022.4 | 2022.4 |
| opendesign | drawings_sdk | — | — |
| siemens | comos | < 10.4.1 | 10.4.1 |
| siemens | jt2go | < 13.2.0.1 | 13.2.0.1 |
| siemens | teamcenter_visualization | < 13.2.0.1 | 13.2.0.1 |