CVE-2023-5179

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 7, 2023

Updated: Nov 14, 2023

CWE ID 120

Summary

CVE-2023-5179 is a newly disclosed vulnerability affecting Open Design Alliance Drawings SDK versions prior to 2024.10. A maliciously crafted DGN file containing a corrupted MiniFat sector value can trigger an out-of-bounds read. This issue may result in a crash, allowing for potential denial-of-service attacks. Although not directly stated, there is a possibility for attackers to exploit this vulnerability for code execution.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t7T9Wu
https://www.cve.org/CVERecord?id=CVE-2023-5179
https://nvd.nist.gov/vuln/detail/CVE-2023-5179

Back to Vulnerability Database

CVE-2023-5179

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations