Vulnerability Details CVE-2023-5180
An issue was discovered in Open Design Alliance
Drawings SDK before 2024.12. A corrupted value of number
of sectors used by the Fat structure in a crafted DGN file leads to an
out-of-bounds write. An attacker can leverage this vulnerability to execute
code in the context of the current process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.6%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2023-5180
-
cpe:2.3:a:opendesign:drawings_sdk:-
-
cpe:2.3:a:opendesign:drawings_sdk:2019
-
cpe:2.3:a:opendesign:drawings_sdk:2021.11
-
cpe:2.3:a:opendesign:drawings_sdk:2021.12
-
cpe:2.3:a:opendesign:drawings_sdk:2022.11
-
cpe:2.3:a:opendesign:drawings_sdk:2022.12
-
cpe:2.3:a:opendesign:drawings_sdk:2023.2
-
cpe:2.3:a:opendesign:drawings_sdk:2023.6
-
cpe:2.3:a:opendesign:drawings_sdk:2024.1
-
cpe:2.3:a:opendesign:drawings_sdk:2024.10