Out-of-Bounds and Stack Overflow Vulnerabilities in Bentley MicroStation and Applications
CVE-2022-42901

7.8HIGH

Key Information:

Vendor: Bentley
Status: Microstation; View
Vendor: CVE Published:; 13 October 2022

Summary

Bentley MicroStation and associated applications are susceptible to out-of-bounds and stack overflow vulnerabilities when handling specially crafted XMT files. These security flaws could facilitate information disclosure and unauthorized code execution, posing significant threats to user data and system integrity. Users are advised to upgrade to version 10.17.01.58 or later for MicroStation and 10.17.01.19 or later for Bentley View to mitigate these risks.

References

https://www.bentley.com/legal/common-vulnerability-exposu...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2022
Vulnerability Reserved
Oct 13, 2022