An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf | Patch Third Party Advisory |
https://www.opendesign.com/security-advisories | Vendor Advisory |
Configurations
History
15 Apr 2022, 15:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:* | |
First Time |
Siemens comos
Siemens |
|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf - Patch, Third Party Advisory |
10 Mar 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 May 2021, 00:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:opendesign:drawings_sdk:*:*:*:*:*:*:*:* | |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
References | (MISC) https://www.opendesign.com/security-advisories - Vendor Advisory |
26 Apr 2021, 19:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-26 19:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-31784
Mitre link : CVE-2021-31784
CVE.ORG link : CVE-2021-31784
JSON object : View
Products Affected
siemens
- comos
opendesign
- drawings_sdk
CWE
CWE-787
Out-of-bounds Write