Vulnerability Description
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Datakit | Crosscadware | <= 2021.1 |
| Luxion | Keyshot | <= 10.1 |
| Siemens | Solid Edge Se2020 Firmware | All versions |
| Siemens | Solid Edge Se2020 | - |
| Siemens | Solid Edge Se2021 Firmware | All versions |
| Siemens | Solid Edge Se2021 | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdfThird Party Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01Third Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-21-566/Third Party AdvisoryVDB Entry
- https://cert-portal.siemens.com/productcert/pdf/ssa-119468.pdfThird Party Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-21-145-01Third Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-21-566/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2021-27490?
CVE-2021-27490 is a vulnerability with a CVSS score of 7.8 (HIGH). Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an ...
How severe is CVE-2021-27490?
CVE-2021-27490 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27490?
Check the references section above for vendor advisories and patch information. Affected products include: Datakit Crosscadware, Luxion Keyshot, Siemens Solid Edge Se2020 Firmware, Siemens Solid Edge Se2020, Siemens Solid Edge Se2021 Firmware.