CVE-2021-22647

EPSS 2.1%CWE-787

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 2.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

23 feb 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code.

Productos afectados

n/a · Luxion KeyShot n/a · Luxion KeyShot Network Rendering n/a · Luxion KeyShot Viewer n/a · Luxion KeyVR

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-035-01 https://www.zerodayinitiative.com/advisories/ZDI-21-318/https://www.zerodayinitiative.com/advisories/ZDI-21-320/https://www.zerodayinitiative.com/advisories/ZDI-21-321/https://www.zerodayinitiative.com/advisories/ZDI-21-322/https://www.zerodayinitiative.com/advisories/ZDI-21-326/