Vulnerability in Opendesign Drawings_sdk
CVE-2021-32946
An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in sever…
EPSS: 0.028 (84.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Opendesign Drawings_sdk
- Siemens Comos
- Siemens Jt2go
- Siemens Teamcenter_visualization
- N/a Drawings Sdk — versions Version 2022.4 and prior
Weakness classification (CWE)
References
- ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)
- ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Third Party Advisory)
- ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, x_refsource_MISC)
- ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, x_refsource_MISC)
- ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Patch, Third Party Advisory)
Frequently asked questions
- What is CVE-2021-32946?
- CVE-2021-32946 is a high-severity vulnerability in Opendesign Drawings_sdk, classified under Improper Check for Unusual or Exceptional Conditions. CVSS score: 7.8/10. Published 2021-06-17.
- How severe is CVE-2021-32946?
- High severity. CVSS v3 base score is 7.8 out of 10.