CVE Vulnerability

CVE-2022-35906

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within the parsing of DGN files could enable an attacker to read information in the context of the current process.

3.3 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0011 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:bentley:microstation:*:*:*:*:*:*:*:*
cpe:2.3:a:bentley:view:*:*:*:*:*:*:*:*
Information

Published : 2022-07-15 11:15

Updated : 2022-07-21 02:40

NVD link : CVE-2022-35906

Mitre link : CVE-2022-35906

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read