Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.



Advisories
Source ID Title
EUVD EUVD EUVD-2023-26484 Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
Fixes

Solution

Datakit recommends user upgrade to v2023.1 https://www.datakit.com/en/crosscad_ware.php  or later.


Workaround

Datakit has identified specific workarounds and mitigations that should be applied to reduce the risk: * Do not open untrusted SLDPRT files with CrossCAD/Ware * Update CrossCAD/Ware to 2023.1 or a later version.

History

Thu, 16 Jan 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-01-16T21:36:07.126Z

Reserved: 2023-01-23T18:59:04.538Z

Link: CVE-2023-22321

cve-icon Vulnrichment

Updated: 2024-08-02T10:07:06.062Z

cve-icon NVD

Status : Modified

Published: 2023-04-20T19:15:07.237

Modified: 2024-11-21T07:44:31.517

Link: CVE-2023-22321

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.