CVE-2023-5180

Out-of-bounds Write vulnerability exists in ODA Drawings SDK before 2024.12

Description

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process.

INFO

Published Date :

2023-12-26T08:35:37.619Z

Last Modified :

2024-08-02T07:52:07.647Z

Source :

ODA

Researchers

Following researchers has claimed that they have found this vulnerability.

Seyit Sigirci

@h3xecute

AFFECTED PRODUCTS

The following products are affected by CVE-2023-5180 vulnerability.

Vendors	Products
Opendesign	Drawings Sdk

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-5180.

URL	Resource
https://www.opendesign.com/security-advisories

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact