Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf | Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-21-035-01 | Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-21-318/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-320/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-321/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-322/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-326/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
No history.
Information
Published : 2021-02-23 04:15
Updated : 2024-02-04 21:23
NVD link : CVE-2021-22647
Mitre link : CVE-2021-22647
CVE.ORG link : CVE-2021-22647
JSON object : View
Products Affected
luxion
- keyshot_network_rendering
- keyvr
- keyshot
- keyshot_viewer
siemens
- solid_edge_se2020
- solid_edge_se2020_firmware
- solid_edge_se2021
- solid_edge_se2021_firmware
CWE
CWE-787
Out-of-bounds Write