CVE-2021-27494 - Vulnerability Details

Vendors	Products
Datakit	Crosscadware
Luxion	Keyshot
Siemens	Solid Edge Se2020 Solid Edge Se2020 Firmware Solid Edge Se2021 Solid Edge Se2021 Firmware

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01
https://www.zerodayinitiative.com/advisories/ZDI-21-564/

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Datakit Software libraries embedded in Luxion KeyShot software", "vendor": "n/a", "versions": [{"status": "affected", "version": "CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior"}]}], "descriptions": [{"lang": "en", "value": "Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "STACK-BASED BUFFER OVERFLOW CWE-121", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-27T15:26:55", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2021-27494", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Datakit Software libraries embedded in Luxion KeyShot software", "version": {"version_data": [{"version_value": "CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "STACK-BASED BUFFER OVERFLOW CWE-121"}]}]}, "references": {"reference_data": [{"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:26:08.929Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-27494", "datePublished": "2021-05-27T15:26:36", "dateReserved": "2021-02-19T00:00:00", "dateUpdated": "2024-08-03T21:26:08.929Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Datakit Software libraries embedded in Luxion KeyShot software (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-121 (string)

description : STACK-BASED BUFFER OVERFLOW CWE-121 (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-05-27T15:26:55 (string)

orgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

shortName : icscert (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-564/ (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : ics-cert@hq.dhs.gov (string)

ID : CVE-2021-27494 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Datakit Software libraries embedded in Luxion KeyShot software (string)

version : { »

version_data : [ »

0 : { »

version_value : CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : STACK-BASED BUFFER OVERFLOW CWE-121 (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.zerodayinitiative.com/advisories/ZDI-21-564/ (string)

refsource : MISC (string)

url : https://www.zerodayinitiative.com/advisories/ZDI-21-564/ (string)

}

1 : { »

name : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

refsource : CONFIRM (string)

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

2 : { »

name : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

refsource : MISC (string)

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T21:26:08.929Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-564/ (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

assignerShortName : icscert (string)

cveId : CVE-2021-27494 (string)

datePublished : 2021-05-27T15:26:36 (string)

dateReserved : 2021-02-19T00:00:00 (string)

dateUpdated : 2024-08-03T21:26:08.929Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:*", "matchCriteriaId": "918C899F-E161-4E2D-BD4F-65135B74FD58", "versionEndIncluding": "2021.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*", "matchCriteriaId": "9417CCC9-CB11-41E6-97C6-33E5C348B4F8", "versionEndIncluding": "10.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B8F6B67-0A8A-42E5-B9BD-3539475D7C92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2BB7C3E-32DA-477C-8C11-E35546BC5D61", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E83F677E-3133-407D-8089-E2682DBFDA1E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B9B3882-6975-42EA-A056-B6EC83E51E78", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process."}, {"lang": "es", "value": "Las bibliotecas de Datakit Software CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr en los m\u00f3dulos KeyShot Versiones v10.1 y anteriores carecen de una comprobaci\u00f3n apropiada de los datos suministrados por el usuario cuando se analizan archivos STP.&#xa0;Esto podr\u00eda resultar en un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria.&#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual"}], "id": "CVE-2021-27494", "lastModified": "2024-11-21T05:58:06.240", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-27T16:15:08.097", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-564/"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 918C899F-E161-4E2D-BD4F-65135B74FD58 (string)

versionEndIncluding : 2021.1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9417CCC9-CB11-41E6-97C6-33E5C348B4F8 (string)

versionEndIncluding : 10.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7B8F6B67-0A8A-42E5-B9BD-3539475D7C92 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E2BB7C3E-32DA-477C-8C11-E35546BC5D61 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E83F677E-3133-407D-8089-E2682DBFDA1E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1B9B3882-6975-42EA-A056-B6EC83E51E78 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (string)

}

1 : { »

lang : es (string)

value : Las bibliotecas de Datakit Software CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr en los módulos KeyShot Versiones v10.1 y anteriores carecen de una comprobación apropiada de los datos suministrados por el usuario cuando se analizan archivos STP. Esto podría resultar en un desbordamiento del búfer en la región stack de la memoria. Un atacante podría explotar esta vulnerabilidad para ejecutar código en el contexto del proceso actual (string)

}

]

id : CVE-2021-27494 (string)

lastModified : 2024-11-21T05:58:06.240 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-05-27T16:15:08.097 (string)

references : [ »

0 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

1 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

2 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-564/ (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdf (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : https://www.zerodayinitiative.com/advisories/ZDI-21-564/ (string)

}

]

sourceIdentifier : ics-cert@hq.dhs.gov (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-121 (string)

}

]

source : ics-cert@hq.dhs.gov (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object