CVE-2021-27496

Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVSS v3 7.8 HIGH
CVSS v2.0 6.8 MEDIUM

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf	Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01	Third Party Advisory US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-21-565/	Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf	Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01	Third Party Advisory US Government Resource
https://www.zerodayinitiative.com/advisories/ZDI-21-565/	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:datakit:crosscadware::::::::
	cpe:2.3:a:luxion:keyshot::::::::

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:58

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf - Third Party Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf - Third Party Advisory
References	~~() https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 - Third Party Advisory, US Government Resource~~	() https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 - Third Party Advisory, US Government Resource
References	~~() https://www.zerodayinitiative.com/advisories/ZDI-21-565/ - Third Party Advisory, VDB Entry~~	() https://www.zerodayinitiative.com/advisories/ZDI-21-565/ - Third Party Advisory, VDB Entry

Information

Published : 2021-05-27 16:15

Updated : 2024-11-21 05:58

NVD link : CVE-2021-27496

Mitre link : CVE-2021-27496

CVE.ORG link : CVE-2021-27496

JSON object : View

Products Affected

datakit

crosscadware

siemens

solid_edge_se2021_firmware
solid_edge_se2021
solid_edge_se2020_firmware
solid_edge_se2020

luxion

keyshot

CWE

CWE-822

Untrusted Pointer Dereference

NVD-CWE-Other

{"id": "CVE-2021-27496", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-05-27T16:15:08.140", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf", "tags": ["Third Party Advisory"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-565/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-565/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-822"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process."}, {"lang": "es", "value": "Las bibliotecas de Datakit Software CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr en los m\u00f3dulos de KeyShot Versiones v10.1 y anteriores, carecen de una comprobaci\u00f3n apropiada de los datos suministrados por el usuario cuando se analizan archivos PRT. Esto podr\u00eda conllevar a desreferencias de puntero de un valor obtenido de una fuente no confiable. Un atacante podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual"}], "lastModified": "2024-11-21T05:58:06.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "918C899F-E161-4E2D-BD4F-65135B74FD58", "versionEndIncluding": "2021.1"}, {"criteria": "cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9417CCC9-CB11-41E6-97C6-33E5C348B4F8", "versionEndIncluding": "10.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B8F6B67-0A8A-42E5-B9BD-3539475D7C92"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E2BB7C3E-32DA-477C-8C11-E35546BC5D61"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E83F677E-3133-407D-8089-E2682DBFDA1E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B9B3882-6975-42EA-A056-B6EC83E51E78"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}

7.8 /10