Buffer overflow in Luxion Keyshot
CVE-2021-22649
Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while proce…
EPSS: 0.022 (80.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Luxion Keyshot
- Luxion Keyshot_network_rendering
- Luxion Keyshot_viewer
- Luxion Keyvr
- Siemens Solid_edge_se2020
- Siemens Solid_edge_se2020_firmware
- Siemens Solid_edge_se2021
- Siemens Solid_edge_se2021_firmware
- N/a Luxion Keyshot — versions versions prior to 10.1
- N/a Luxion Keyshot Network Rendering — versions versions prior to 10.1
Weakness classification (CWE)
References
- ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)
- ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Third Party Advisory)
- ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, x_refsource_MISC)
- ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-22649?
- CVE-2021-22649 is a high-severity vulnerability in Luxion Keyshot, classified under Untrusted Pointer Dereference. CVSS score: 7.8/10. Published 2021-02-23.
- How severe is CVE-2021-22649?
- High severity. CVSS v3 base score is 7.8 out of 10.