CVE-2022-42899
First published: Thu Oct 13 2022(Updated: )
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bentley MicroStation | <10.17.01.58 | |
| Bentley View | <10.17.01.19 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-42899?
CVE-2022-42899 is a vulnerability that affects Bentley MicroStation and MicroStation-based applications, allowing for out-of-bounds read and stack overflow issues when opening crafted SKP files.
What is the severity of CVE-2022-42899?
The severity of CVE-2022-42899 is high, with a CVSS score of 7.8.
How can CVE-2022-42899 be exploited?
CVE-2022-42899 can be exploited by opening specially crafted SKP files, which can lead to information disclosure and code execution.
Which software versions are affected by CVE-2022-42899?
Bentley MicroStation versions up to and excluding 10.17.01.58, as well as Bentley View versions up to and excluding 10.17.01.19, are affected by CVE-2022-42899.
How can I fix CVE-2022-42899?
To fix CVE-2022-42899, update Bentley MicroStation to version 10.17.01.58* and Bentley View to version 10.17.01.19*.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/bentley
- canonical/bentley microstation
- canonical/bentley view