CVE-2021-27492 - Vulnerability Details

Vendors	Products
Datakit	Crosscadware
Luxion	Keyshot
Siemens	Solid Edge Se2020 Solid Edge Se2020 Firmware Solid Edge Se2021 Solid Edge Se2021 Firmware

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01
https://www.zerodayinitiative.com/advisories/ZDI-21-567/

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Datakit Software libraries embedded in Luxion KeyShot software", "vendor": "n/a", "versions": [{"status": "affected", "version": "CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior"}]}], "descriptions": [{"lang": "en", "value": "When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "IMPROPER RESTRICTIONS ON XML EXTERNAL ENTITY REFERENCE CWE-611", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-27T15:42:11", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-567/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2021-27492", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Datakit Software libraries embedded in Luxion KeyShot software", "version": {"version_data": [{"version_value": "CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "IMPROPER RESTRICTIONS ON XML EXTERNAL ENTITY REFERENCE CWE-611"}]}]}, "references": {"reference_data": [{"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-567/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-567/"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:26:08.955Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-567/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-27492", "datePublished": "2021-05-27T15:41:49", "dateReserved": "2021-02-19T00:00:00", "dateUpdated": "2024-08-03T21:26:08.955Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Datakit Software libraries embedded in Luxion KeyShot software (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-611 (string)

description : IMPROPER RESTRICTIONS ON XML EXTERNAL ENTITY REFERENCE CWE-611 (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-05-27T15:42:11 (string)

orgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

shortName : icscert (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-567/ (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : ics-cert@hq.dhs.gov (string)

ID : CVE-2021-27492 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Datakit Software libraries embedded in Luxion KeyShot software (string)

version : { »

version_data : [ »

0 : { »

version_value : CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : IMPROPER RESTRICTIONS ON XML EXTERNAL ENTITY REFERENCE CWE-611 (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.zerodayinitiative.com/advisories/ZDI-21-567/ (string)

refsource : MISC (string)

url : https://www.zerodayinitiative.com/advisories/ZDI-21-567/ (string)

}

1 : { »

name : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

refsource : CONFIRM (string)

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

2 : { »

name : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

refsource : MISC (string)

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T21:26:08.955Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-567/ (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

assignerShortName : icscert (string)

cveId : CVE-2021-27492 (string)

datePublished : 2021-05-27T15:41:49 (string)

dateReserved : 2021-02-19T00:00:00 (string)

dateUpdated : 2024-08-03T21:26:08.955Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:*", "matchCriteriaId": "918C899F-E161-4E2D-BD4F-65135B74FD58", "versionEndIncluding": "2021.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*", "matchCriteriaId": "9417CCC9-CB11-41E6-97C6-33E5C348B4F8", "versionEndIncluding": "10.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B8F6B67-0A8A-42E5-B9BD-3539475D7C92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2BB7C3E-32DA-477C-8C11-E35546BC5D61", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E83F677E-3133-407D-8089-E2682DBFDA1E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B9B3882-6975-42EA-A056-B6EC83E51E78", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD."}, {"lang": "es", "value": "Cuando se abre un archivo 3DXML especialmente dise\u00f1ado, la aplicaci\u00f3n que contiene las bibliotecas de software Datakit CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr en KeyShot Versiones v10.1 y anteriores, podr\u00eda divulgar archivos arbitrarios a atacantes remotos.&#xa0;Esto es debido al paso de contenido especialmente dise\u00f1ado al analizador XML subyacente sin tomar las restricciones apropiadas, como prohibir un DTD externo"}], "id": "CVE-2021-27492", "lastModified": "2024-11-21T05:58:05.993", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-27T16:15:08.050", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-567/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-567/"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 918C899F-E161-4E2D-BD4F-65135B74FD58 (string)

versionEndIncluding : 2021.1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9417CCC9-CB11-41E6-97C6-33E5C348B4F8 (string)

versionEndIncluding : 10.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7B8F6B67-0A8A-42E5-B9BD-3539475D7C92 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E2BB7C3E-32DA-477C-8C11-E35546BC5D61 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E83F677E-3133-407D-8089-E2682DBFDA1E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1B9B3882-6975-42EA-A056-B6EC83E51E78 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD. (string)

}

1 : { »

lang : es (string)

value : Cuando se abre un archivo 3DXML especialmente diseñado, la aplicación que contiene las bibliotecas de software Datakit CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr en KeyShot Versiones v10.1 y anteriores, podría divulgar archivos arbitrarios a atacantes remotos. Esto es debido al paso de contenido especialmente diseñado al analizador XML subyacente sin tomar las restricciones apropiadas, como prohibir un DTD externo (string)

}

]

id : CVE-2021-27492 (string)

lastModified : 2024-11-21T05:58:05.993 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-05-27T16:15:08.050 (string)

references : [ »

0 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

1 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

2 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-567/ (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-567/ (string)

}

]

sourceIdentifier : ics-cert@hq.dhs.gov (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-611 (string)

}

]

source : ics-cert@hq.dhs.gov (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object