CVE-2021-22645
Published Feb 23, 2021
Last updated 4 years ago
Overview
- Description
- Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
- ics-cert@hq.dhs.gov
- CWE-357
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92EA043D-B0BD-4C61-B6C6-709C001F0363",
"versionEndExcluding": "10.1"
},
{
"criteria": "cpe:2.3:a:luxion:keyshot_network_rendering:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99429D18-218B-4B84-B1E7-7E4B54B6CDD3",
"versionEndExcluding": "10.1"
},
{
"criteria": "cpe:2.3:a:luxion:keyshot_viewer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50848054-203F-4C61-8A26-154083FC0C15",
"versionEndExcluding": "10.1"
},
{
"criteria": "cpe:2.3:a:luxion:keyvr:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80310813-CE50-4876-85FF-18760DD5F502",
"versionEndExcluding": "10.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B8F6B67-0A8A-42E5-B9BD-3539475D7C92"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E2BB7C3E-32DA-477C-8C11-E35546BC5D61"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E83F677E-3133-407D-8089-E2682DBFDA1E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B9B3882-6975-42EA-A056-B6EC83E51E78"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]