Vulnerability-Lookup

CVE-2021-32950 (GCVE-0-2021-32950)

Vulnerability from cvelistv5 – Published: 2021-06-17 12:41 – Updated: 2024-08-03 23:33

Summary

Severity

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

CWE

CWE-125 - OUT-OF-BOUNDS READ CWE-125

Assigner

icscert

References

4 references

URL	Tags
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02	x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
n/a	Drawings SDK	Affected: All versions prior to 2022.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:33:56.120Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-988/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Drawings SDK",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to 2022.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "OUT-OF-BOUNDS READ CWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-08T14:06:20.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-988/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2021-32950",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Drawings SDK",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions prior to 2022.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "OUT-OF-BOUNDS READ CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-988/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-988/"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-32950",
    "datePublished": "2021-06-17T12:41:51.000Z",
    "dateReserved": "2021-05-13T00:00:00.000Z",
    "dateUpdated": "2024-08-03T23:33:56.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-32950",
      "date": "2026-06-08",
      "epss": "0.00281",
      "percentile": "0.51714"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-32950\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2021-06-17T13:15:08.250\",\"lastModified\":\"2024-11-21T06:07:59.413\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations.\"},{\"lang\":\"es\",\"value\":\"Se presenta un problema de lectura fuera de l\u00edmites en el an\u00e1lisis de archivos DXF en Drawings SDK (todas las versiones anteriores a 2022.4) resultando en una falta de comprobaci\u00f3n apropiada de los datos suministrados por el usuario. Esto puede resultar en una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado y permite a atacantes causar una condici\u00f3n de denegaci\u00f3n de servicio o leer informaci\u00f3n confidencial de las ubicaciones de memoria\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opendesign:drawings_sdk:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.4\",\"matchCriteriaId\":\"FEFEE0EB-BDA4-4D1A-85B5-0D0A80EE26FA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.4.1\",\"matchCriteriaId\":\"0F0CFB85-CD4F-424C-8B9F-9289D08FA665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"13.2.0.1\",\"matchCriteriaId\":\"C811E8B2-CA0C-4A71-A803-A30C4DAF1476\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"13.2.0.1\",\"matchCriteriaId\":\"87BB2370-46C4-4BEC-8189-1F7FE4C1E12D\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-988/\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-988/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

SSA-365397

Vulnerability from csaf_siemens - Published: 2021-08-10 00:00 - Updated: 2021-08-10 00:00

Summary

SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1

Notes

Summary: Siemens has released version V13.2.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (CGM, DGN, DXF, and DWG). If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially arbitrary code execution. Siemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products. Note: - This advisory also covers security vulnerabilities recently disclosed by Open Design Alliance [0] [0] https://www.opendesign.com/security-advisories

General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.

CVE-2021-32936

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-787 - Out-of-bounds Write

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

CVE-2021-32938

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

CVE-2021-32940

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

CVE-2021-32944

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-416 - Use After Free

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

CVE-2021-32948

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-787 - Out-of-bounds Write

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

CVE-2021-32950

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

CVE-2021-33717

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
JT2Go Siemens / JT2Go		< V13.2.0.1	Vendor Fix fix Mitigation
Teamcenter Visualization Siemens / Teamcenter Visualization		< V13.2.0.1	Vendor Fix Mitigation

References

17 references

URL	Category
https://cert-portal.siemens.com/productcert/pdf/s…	self
https://cert-portal.siemens.com/productcert/txt/s…	self
https://cert-portal.siemens.com/productcert/csaf/…	self
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…
https://www.plm.automation.siemens.com/global/en/…
https://cert-portal.siemens.com/productcert/mitre…

Acknowledgments

Trend Micro Zero Day Initiative

Open Design Alliance

Codesafe Team of Legendsec at Qi'anxin Group Kai Wang

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Trend Micro Zero Day Initiative",
        "summary": "coordinated disclosure"
      },
      {
        "organization": "Open Design Alliance",
        "summary": "coordination efforts"
      },
      {
        "names": [
          "Kai Wang"
        ],
        "organization": "Codesafe Team of Legendsec at Qi\u0027anxin Group",
        "summary": "coordinated disclosure of CVE-2021-33717"
      }
    ],
    "category": "Siemens Security Advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited.",
      "tlp": {
        "label": "WHITE"
      }
    },
    "notes": [
      {
        "category": "summary",
        "text": "Siemens has released version V13.2.0.1 for JT2Go and Teamcenter Visualization to fix multiple vulnerabilities that could be triggered when the products read files in different file formats (CGM, DGN, DXF, and DWG). If a user is tricked to open a malicious file with the affected products, this could lead the application to crash or potentially arbitrary code execution.\n\nSiemens recommends to update to the latest versions and to limit opening of untrusted files from unknown sources in the affected products.\n\nNote:\n\n-   This advisory also covers security vulnerabilities recently disclosed by Open Design Alliance [0]\n\n[0] https://www.opendesign.com/security-advisories",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
      },
      {
        "category": "self",
        "summary": "SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-365397.txt"
      },
      {
        "category": "self",
        "summary": "SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-365397.json"
      }
    ],
    "title": "SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1",
    "tracking": {
      "current_release_date": "2021-08-10T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-365397",
      "initial_release_date": "2021-08-10T00:00:00Z",
      "revision_history": [
        {
          "date": "2021-08-10T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V13.2.0.1",
                "product": {
                  "name": "JT2Go",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "JT2Go"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V13.2.0.1",
                "product": {
                  "name": "Teamcenter Visualization",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "Teamcenter Visualization"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-32936",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write issue exists in the DXF file-recovering procedure in the Open Design Alliance Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-32936 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-32936 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-32936.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-32936"
    },
    {
      "cve": "CVE-2021-32938",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Open Design Alliance Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-32938 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-32938 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-32938.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-32938"
    },
    {
      "cve": "CVE-2021-32940",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read issue exists in the DWG file-recovering procedure in the Open Design Alliance Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory locations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-32940 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-32940 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-32940.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-32940"
    },
    {
      "cve": "CVE-2021-32944",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free issue exists in the DGN file-reading procedure in the Open Design Alliance Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-32944 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-32944 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-32944.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-32944"
    },
    {
      "cve": "CVE-2021-32948",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds write issue exists in the DWG file-reading procedure in the Open Design Alliance Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-32948 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-32948 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-32948.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-32948"
    },
    {
      "cve": "CVE-2021-32950",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An out-of-bounds read issue exists within the parsing of DXF files in the Open Design Alliance Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-32950 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-32950 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-32950.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-32950"
    },
    {
      "cve": "CVE-2021-33717",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "When parsing specially crafted CGM Files, a NULL pointer deference condition could cause the application to crash. The application must be restarted to restore the service. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "references": [
        {
          "summary": "CVE-2021-33717 - JT2Go",
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "summary": "CVE-2021-33717 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-33717.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V13.2.0.1 or later version",
          "product_ids": [
            "2"
          ]
        },
        {
          "category": "mitigation",
          "details": "Avoid to open untrusted files from unknown sources in JT2Go and Teamcenter Visualization",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2021-33717"
    }
  ]
}

VAR-202106-1195

Vulnerability from variot - Updated: 2024-08-14 12:17

An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations. Open Design Alliance Provided by Drawings SDK is a drafting software development kit. This product contains multiple vulnerabilities listed below. * Out-of-bounds read (CWE-125) - CVE-2021-32938 It was * Out-of-bounds writing (CWE-787) - CVE-2021-32936 It was * Out-of-bounds read (CWE-125) - CVE-2021-32940 It was * DGN Improper checking of files for abnormal or exceptional conditions (CWE-754) - CVE-2021-32946 It was * Out-of-bounds writing (CWE-787) - CVE-2021-32948 It was * Out-of-bounds read (CWE-125) - CVE-2021-32950 It was * Out-of-bounds writing (CWE-787) - CVE-2021-32952 It was * Use of freed memory (use-after-free) (CWE-416) - CVE-2021-32944The expected impact depends on each vulnerability, but it may be affected as follows. It was * crafted by the attacker DWG Denial of service by opening the file (DoS) triggering a condition or reading sensitive information from memory - CVE-2021-32938 It was * crafted by the attacker DXF Denial of service by opening files via recovery (DoS) state is triggered or code is executed - CVE-2021-32936 It was * crafted by the attacker DWG Denial of service by opening files via recovery (DoS) triggering a condition or reading sensitive information from memory - CVE-2021-32940 It was * crafted by the attacker DGN Denial of service by reading the file (DoS) state is triggered or code is executed - CVE-2021-32946 , CVE-2021-32952 It was * crafted by the attacker DWG Denial of service by opening the file (DoS) state is triggered or code is executed - CVE-2021-32948 It was * crafted by the attacker DXF Denial of service by opening the file (DoS) triggering a condition or reading sensitive information from memory - CVE-2021-32950 It was * Crafted by an attacker by an attacker DGN Denial of service by opening the file (DoS) A condition is triggered or arbitrary code is executed - CVE-2021-32944. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of DXF files. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The development kit accesses the data in .dwg and .dgn through a convenient, object-oriented API, and provides functions such as C++ API, support for repairing files, and support for .NET, JAVA, and Python development languages. There is a buffer error vulnerability in Drawings SDK, which is caused by boundary conditions when parsing DXF files. Affected products and versions are as follows: Drawings SDK: Before 2022.4

Show details on source website

JSON

To clipboard

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "teamcenter visualization",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.2.0.1"
      },
      {
        "_id": null,
        "model": "drawings sdk",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "opendesign",
        "version": "2022.4"
      },
      {
        "_id": null,
        "model": "jt2go",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.2.0.1"
      },
      {
        "_id": null,
        "model": "comos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "10.4.1"
      },
      {
        "_id": null,
        "model": "drawings sdk",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open design alliance",
        "version": "2022.4  all previous  s  - cve-2021-32938 , cve-2021-32936 , cve-2021-32940 , cve-2021-32948 , cve-2021-32950 , cve-2021-32944"
      },
      {
        "_id": null,
        "model": "drawings sdk",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open design alliance",
        "version": "2022.5  all previous  s  - cve-2021-32946 , cve-2021-32952"
      },
      {
        "_id": null,
        "model": "drawings sdk",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open design alliance",
        "version": null
      },
      {
        "_id": null,
        "model": "jt2go",
        "scope": null,
        "trust": 0.7,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "drawing sdk",
        "scope": null,
        "trust": 0.7,
        "vendor": "open design alliance oda",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-32950"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Mat Powell of Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685"
      }
    ],
    "trust": 1.3
  },
  "cve": "CVE-2021-32950",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2021-32950",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-392936",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-32950",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.4,
            "userInteraction": "REQUIRED",
            "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-32950",
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "IPA",
            "availabilityImpact": "Low",
            "baseScore": 4.4,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-001881",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L \t",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2021-32950",
            "trust": 1.4,
            "value": "LOW"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-32950",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2021-001881",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202106-685",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-392936",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-32950",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136"
      },
      {
        "db": "VULHUB",
        "id": "VHN-392936"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-32950"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations. Open Design Alliance Provided by Drawings SDK is a drafting software development kit. This product contains multiple vulnerabilities listed below. * Out-of-bounds read (CWE-125) - CVE-2021-32938 It was * Out-of-bounds writing (CWE-787) - CVE-2021-32936 It was * Out-of-bounds read (CWE-125) - CVE-2021-32940 It was * DGN Improper checking of files for abnormal or exceptional conditions (CWE-754) - CVE-2021-32946 It was * Out-of-bounds writing (CWE-787) - CVE-2021-32948 It was * Out-of-bounds read (CWE-125) - CVE-2021-32950 It was * Out-of-bounds writing (CWE-787) - CVE-2021-32952 It was * Use of freed memory (use-after-free) (CWE-416) - CVE-2021-32944The expected impact depends on each vulnerability, but it may be affected as follows. It was * crafted by the attacker DWG Denial of service by opening the file (DoS) triggering a condition or reading sensitive information from memory - CVE-2021-32938 It was * crafted by the attacker DXF Denial of service by opening files via recovery (DoS) state is triggered or code is executed - CVE-2021-32936 It was * crafted by the attacker DWG Denial of service by opening files via recovery (DoS) triggering a condition or reading sensitive information from memory - CVE-2021-32940 It was * crafted by the attacker DGN Denial of service by reading the file (DoS) state is triggered or code is executed - CVE-2021-32946 , CVE-2021-32952 It was * crafted by the attacker DWG Denial of service by opening the file (DoS) state is triggered or code is executed - CVE-2021-32948 It was * crafted by the attacker DXF Denial of service by opening the file (DoS) triggering a condition or reading sensitive information from memory - CVE-2021-32950 It was * Crafted by an attacker by an attacker DGN Denial of service by opening the file (DoS) A condition is triggered or arbitrary code is executed - CVE-2021-32944. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of DXF files. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The development kit accesses the data in .dwg and .dgn through a convenient, object-oriented API, and provides functions such as C++ API, support for repairing files, and support for .NET, JAVA, and Python development languages. There is a buffer error vulnerability in Drawings SDK, which is caused by boundary conditions when parsing DXF files. Affected products and versions are as follows: Drawings SDK: Before 2022.4",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-32950"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULHUB",
        "id": "VHN-392936"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950"
      }
    ],
    "trust": 3.6
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-32950",
        "trust": 4.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-159-02",
        "trust": 2.6
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-988",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-155599",
        "trust": 1.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-365397",
        "trust": 1.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU97514209",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU95145431",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-047-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-13415",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-19163",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-069-06",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-222-01",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021060909",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021081108",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022031102",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2046",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.1047",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2700",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-392936",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136"
      },
      {
        "db": "VULHUB",
        "id": "VHN-392936"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-32950"
      }
    ]
  },
  "id": "VAR-202106-1195",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-392936"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-08-14T12:17:08.924000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Open\u00a0Design\u00a0Alliance\u00a0( Login required ) Open\u00a0Design\u00a0Alliance",
        "trust": 0.8,
        "url": "https://docs.opendesign.com/td/frames.html?frmname=topic\u0026frmfile=MovingToNewVersion.html"
      },
      {
        "title": "",
        "trust": 0.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-222-01https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
      },
      {
        "title": "",
        "trust": 0.7,
        "url": "https://www.opendesign.com/security-advisories"
      },
      {
        "title": "Open Design Alliance Drawings SDK Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=154862"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=dce38d2a1ec28e091a143e851596b2e8"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b2237aa5ac819041f827cc4fd4128631"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.1
      },
      {
        "problemtype": "Out-of-bounds read (CWE-125) [IPA evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Use of freed memory (CWE-416) [IPA evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Improper checking in exceptional conditions (CWE-754) [IPA evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": " Out-of-bounds writing (CWE-787) [IPA evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-392936"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-32950"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 2.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
      },
      {
        "trust": 2.4,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-21-988/"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32950"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu95145431"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu97514209/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32936"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32938"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32940"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32944"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32946"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32948"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32952"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-047-01"
      },
      {
        "trust": 0.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-222-01https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf"
      },
      {
        "trust": 0.7,
        "url": "https://www.opendesign.com/security-advisories"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-222-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.1047"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2046"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021081108"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2700"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021060909"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022031102"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-06"
      },
      {
        "trust": 0.2,
        "url": "https://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-23-136/"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-069-06"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988"
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136"
      },
      {
        "db": "VULHUB",
        "id": "VHN-392936"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-32950"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-21-988",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-23-136",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-392936",
        "ident": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-32950",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2021-32950",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2021-08-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-21-988",
        "ident": null
      },
      {
        "date": "2023-02-09T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-136",
        "ident": null
      },
      {
        "date": "2021-06-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-392936",
        "ident": null
      },
      {
        "date": "2021-06-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-32950",
        "ident": null
      },
      {
        "date": "2021-06-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-001881",
        "ident": null
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "ident": null
      },
      {
        "date": "2021-06-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-685",
        "ident": null
      },
      {
        "date": "2021-06-17T13:15:08.250000",
        "db": "NVD",
        "id": "CVE-2021-32950",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2021-08-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-21-988",
        "ident": null
      },
      {
        "date": "2023-02-09T00:00:00",
        "db": "ZDI",
        "id": "ZDI-23-136",
        "ident": null
      },
      {
        "date": "2022-04-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-392936",
        "ident": null
      },
      {
        "date": "2022-04-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-32950",
        "ident": null
      },
      {
        "date": "2023-02-17T05:48:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-001881",
        "ident": null
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "ident": null
      },
      {
        "date": "2022-03-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-685",
        "ident": null
      },
      {
        "date": "2022-04-15T15:34:59.663000",
        "db": "NVD",
        "id": "CVE-2021-32950",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-685"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Open\u00a0Design\u00a0Alliance\u00a0 Made \u00a0Drawings\u00a0SDK\u00a0 Multiple vulnerabilities in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001881"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-32950 (GCVE-0-2021-32950)

SSA-365397

VAR-202106-1195

Tags

Sightings

Nomenclature