Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-22670

Published: 15/04/2023 Updated: 24/04/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK prior to 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opendesign drawings sdk

ICS Advisories

Siemens Solid Edge
Critical Infrastructure Sectors: Critical Manufacturing
https://ics-cert.us-cert.gov/advisories/fb9f838a12a2dbd214e613bc10bf0706
https://ics-cert.us-cert.gov/advisories/2ecb0cb4ba04d4fd933f2d81d55089e6
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-787https://www.opendesign.com/security-advisorieshttps://nvd.nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-23-047-01https://www.zerodayinitiative.com/advisories/ZDI-23-205/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camerabypassCVE-2024-3592CVE-2024-37383CVE-2024-24919CVE-2024-27822CVE-2024-36788CVE-2024-36789man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook