CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-22643 – Siemens Solid Edge Viewer 3DS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22643
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. Luxion KeyShot versiones anteriores a 10.1, Luxion KeyShot Viewer versiones anteriores a 10.1, Luxion KeyShot Network Rendering versiones anteriores a 10.1 y Luxion KeyVR versiones anteriores a 10.1, son vulnerables a una lectura fuera de límites mientras se procesan archivos de proyecto, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-035-01 https://www.zerodayinitiative.com/advisories/ZDI-21-316 https://www.zerodayinitiative.com/advisories/ZDI-21-319 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-22645 – Siemens Solid Edge Viewer Insufficient UI Warning Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22645
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning. Luxion KeyShot versiones anteriores a 10.1, Luxion KeyShot Viewer versiones anteriores a 10.1, Luxion KeyShot Network Rendering versiones anteriores a 10.1 y Luxion KeyVR versiones anteriores a 10.1, son vulnerables a un ataque porque los documentos .bip muestran un comando "load", que puede ser apuntado a una .dll desde un recurso compartido de red remoto. Como resultado, el punto de entrada .dll puede ser ejecutado sin suficiente advertencia de la Interfaz de Usuario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of BIP files. • https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-035-01 https://www.zerodayinitiative.com/advisories/ZDI-21-323 • CWE-357: Insufficient UI Warning of Dangerous Operations •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-22649 – Siemens Solid Edge Viewer JT File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-22649
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code. Luxion KeyShot versiones anteriores a 10.1, Luxion KeyShot Viewer versiones anteriores a 10.1, Luxion KeyShot Network Rendering versiones anteriores a 10.1 y Luxion KeyVR versiones anteriores a 10.1, presentan múltiples problemas de desreferencia de puntero NULL mientras se procesar archivos de proyecto, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-035-01 https://www.zerodayinitiative.com/advisories/ZDI-21-317 https://www.zerodayinitiative.com/advisories/ZDI-21-325 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •