CVE-2021-27494

{"id": "CVE-2021-27494", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-05-27T16:15:08.097", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf", "tags": ["Third Party Advisory"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process."}, {"lang": "es", "value": "Las bibliotecas de Datakit Software CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr en los m\u00f3dulos KeyShot Versiones v10.1 y anteriores carecen de una comprobaci\u00f3n apropiada de los datos suministrados por el usuario cuando se analizan archivos STP. Esto podr\u00eda resultar en un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria. Un atacante podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual"}], "lastModified": "2021-06-09T17:54:13.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "918C899F-E161-4E2D-BD4F-65135B74FD58", "versionEndIncluding": "2021.1"}, {"criteria": "cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9417CCC9-CB11-41E6-97C6-33E5C348B4F8", "versionEndIncluding": "10.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B8F6B67-0A8A-42E5-B9BD-3539475D7C92"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E2BB7C3E-32DA-477C-8C11-E35546BC5D61"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E83F677E-3133-407D-8089-E2682DBFDA1E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B9B3882-6975-42EA-A056-B6EC83E51E78"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}