Vulnerability Details CVE-2021-27490
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf
- https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01
- https://www.zerodayinitiative.com/advisories/ZDI-21-566/
- https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf
- https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01
- https://www.zerodayinitiative.com/advisories/ZDI-21-566/
Products affected by CVE-2021-27490
-
cpe:2.3:a:datakit:crosscadware:-
-
cpe:2.3:a:datakit:crosscadware:2021.1
-
cpe:2.3:a:luxion:keyshot:-
-
cpe:2.3:a:luxion:keyshot:10
-
cpe:2.3:a:luxion:keyshot:10.1
-
cpe:2.3:h:siemens:solid_edge_se2020:-
-
cpe:2.3:h:siemens:solid_edge_se2021:-
-
cpe:2.3:o:siemens:solid_edge_se2020_firmware:-
-
cpe:2.3:o:siemens:solid_edge_se2020_firmware:2020mp14
-
cpe:2.3:o:siemens:solid_edge_se2021_firmware:-
-
cpe:2.3:o:siemens:solid_edge_se2021_firmware:se2021mp15
-
cpe:2.3:o:siemens:solid_edge_se2021_firmware:se2021mp7