// For flags

CVE-2022-42899

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.

Las aplicaciones de Bentley MicroStation y las basadas en MicroStation pueden verse afectadas por problemas de lectura fuera de límites y desbordamiento de pila cuando son abiertos archivos SKP diseñados. La explotación de estos problemas podría conllevar a una divulgación de información y una ejecución de código. Las versiones corregidas son 10.17.01.58* para MicroStation y 10.17.01.19* para Bentley View

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-10-13 CVE Reserved
  • 2022-10-13 CVE Published
  • 2022-10-19 First Exploit
  • 2024-05-05 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Bentley
Search vendor "Bentley"
Microstation
Search vendor "Bentley" for product "Microstation"
< 10.17.01.58
Search vendor "Bentley" for product "Microstation" and version " < 10.17.01.58"
-
Affected
Bentley
Search vendor "Bentley"
View
Search vendor "Bentley" for product "View"
< 10.17.01.19
Search vendor "Bentley" for product "View" and version " < 10.17.01.19"
-
Affected