First published: Mon Apr 26 2021(Updated: )
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opendesign Drawings Sdk | <2021.6 | |
Siemens COMOS | <10.4.1 | |
Siemens JT2Go | <13.1.0.1 | 13.1.0.1 |
Siemens Teamcenter Visualization | <13.1.0.1 | 13.1.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-31784 is an out-of-bounds write vulnerability in the file-reading procedure in Open Design Alliance Drawings SDK before version 2021.6 and Siemens COMOS before version 10.4.1.
CVE-2021-31784 has a severity rating of 7.8 (high).
CVE-2021-31784 affects Opendesign Drawings Sdk versions prior to 2021.6 and Siemens COMOS versions prior to 10.4.1.
An attacker can exploit CVE-2021-31784 to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
Yes, you can find more information about CVE-2021-31784 in the following references: [Siemens ProductCERT Advisory](https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf) and [Open Design Alliance Security Advisories](https://www.opendesign.com/security-advisories).