Out-of-Bounds Read Vulnerabilities in Bentley MicroStation Products
CVE-2022-42900

7.8HIGH

Key Information:

Vendor: Bentley
Status: Microstation; View
Vendor: CVE Published:; 13 October 2022

What is CVE-2022-42900?

Bentley MicroStation and associated applications are susceptible to out-of-bounds read vulnerabilities when opening specially crafted FBX files. These vulnerabilities could potentially allow attackers to disclose sensitive information or execute arbitrary code, posing significant risks to users' systems. Recommended action includes updating to the fixed versions: MicroStation 10.17.01.58* and Bentley View 10.17.01.19* to mitigate these issues.

References

https://www.bentley.com/legal/common-vulnerability-exposu...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 13, 2022
Vulnerability Reserved
Oct 13, 2022