CVE-2024-1847 - OpenCVE

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://www.3ds.com/vulnerability/advisories

History

Mon, 02 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-122 CWE-457

MITRE

Status: PUBLISHED

Assigner: 3DS

Published: 2024-02-28T17:34:00.666Z

Updated: 2024-09-02T08:11:23.914Z

Reserved: 2024-02-23T16:39:26.436Z

Link: CVE-2024-1847

Vulnrichment

Updated: 2024-08-01T18:56:22.102Z

NVD

Status : Awaiting Analysis

Published: 2024-02-28T18:15:45.687

Modified: 2024-09-02T09:15:04.283

Link: CVE-2024-1847

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1847", "assignerOrgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433", "state": "PUBLISHED", "assignerShortName": "3DS", "dateReserved": "2024-02-23T16:39:26.436Z", "datePublished": "2024-02-28T17:34:00.666Z", "dateUpdated": "2024-09-02T08:11:23.914Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433", "shortName": "3DS", "dateUpdated": "2024-09-02T08:11:23.914Z"}, "title": "Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-416", "description": "CWE-416 Use After Free", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-843", "description": "CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-908", "description": "CWE-908 Use of Uninitialized Resource", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "type": "CWE"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-457", "description": "CWE-457: Use of Uninitialized Variable", "type": "CWE"}]}], "affected": [{"vendor": "Dassault Syst\u00e8mes", "product": "eDrawings", "versions": [{"status": "affected", "version": "Release SOLIDWORKS 2023 SP0", "lessThanOrEqual": "Release SOLIDWORKS 2023 SP5", "versionType": "custom"}, {"status": "affected", "version": "Release SOLIDWORKS 2024 SP0", "lessThanOrEqual": "Release SOLIDWORKS 2024 SP1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID."}]}], "references": [{"url": "https://www.3ds.com/vulnerability/advisories"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "credits": [{"lang": "en", "value": "Mat Powell of Trend Micro Zero Day Initiative", "user": "00000000-0000-4000-9000-000000000000", "type": "finder"}, {"lang": "en", "value": "Francis Provencher {PRL}", "user": "00000000-0000-4000-9000-000000000000", "type": "finder"}, {"lang": "en", "value": "rgod", "user": "00000000-0000-4000-9000-000000000000", "type": "finder"}]}, "adp": [{"affected": [{"vendor": "3ds", "product": "edrawings", "cpes": ["cpe:2.3:a:3ds:edrawings:2023:sp0:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "2023", "status": "affected", "lessThanOrEqual": "2023_sp5", "versionType": "custom"}]}, {"vendor": "3ds", "product": "edrawings", "cpes": ["cpe:2.3:a:3ds:edrawings:2024:sp0:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "2024", "status": "affected", "lessThanOrEqual": "2024_sp1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-28T20:15:41.666871Z", "id": "CVE-2024-1847", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T15:33:34.173Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:56:22.102Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.3ds.com/vulnerability/advisories", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.3ds.com/vulnerability/advisories", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:56:22.102Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1847", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-02-28T20:15:41.666871Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:3ds:edrawings:2023:sp0:*:*:*:*:*:*"], "vendor": "3ds", "product": "edrawings", "versions": [{"status": "affected", "version": "2023", "versionType": "custom", "lessThanOrEqual": "2023_sp5"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:3ds:edrawings:2024:sp0:*:*:*:*:*:*"], "vendor": "3ds", "product": "edrawings", "versions": [{"status": "affected", "version": "2024", "versionType": "custom", "lessThanOrEqual": "2024_sp1"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T15:33:23.154Z"}}], "cna": {"title": "Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Mat Powell of Trend Micro Zero Day Initiative"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Francis Provencher {PRL}"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "rgod"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dassault Syst\u00e8mes", "product": "eDrawings", "versions": [{"status": "affected", "version": "Release SOLIDWORKS 2023 SP0", "versionType": "custom", "lessThanOrEqual": "Release SOLIDWORKS 2023 SP5"}, {"status": "affected", "version": "Release SOLIDWORKS 2024 SP0", "versionType": "custom", "lessThanOrEqual": "Release SOLIDWORKS 2024 SP1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.3ds.com/vulnerability/advisories"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID.", "supportingMedia": [{"type": "text/html", "value": "Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-843", "description": "CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-908", "description": "CWE-908 Use of Uninitialized Resource"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-457", "description": "CWE-457: Use of Uninitialized Variable"}]}], "providerMetadata": {"orgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433", "shortName": "3DS", "dateUpdated": "2024-09-02T08:11:23.914Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1847", "state": "PUBLISHED", "dateUpdated": "2024-09-02T08:11:23.914Z", "dateReserved": "2024-02-23T16:39:26.436Z", "assignerOrgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433", "datePublished": "2024-02-28T17:34:00.666Z", "assignerShortName": "3DS"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID."}, {"lang": "es", "value": "Existen vulnerabilidades de desbordamiento de b\u00fafer de almacenamiento din\u00e1mico, corrupci\u00f3n de memoria, lectura fuera de los l\u00edmites, escritura fuera de los l\u00edmites, desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria, confusi\u00f3n de tipos, variable no inicializada y Use-After-Free vulnerabilidades en el procedimiento de lectura de archivos en eDrawings desde Lanzamiento de SOLIDWORKS 2023 a lanzamiento de SOLIDWORKS 2024. Estas vulnerabilidades podr\u00edan permitir a un atacante ejecutar c\u00f3digo arbitrario al abrir un archivo CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B o X_T especialmente manipulado."}], "id": "CVE-2024-1847", "lastModified": "2024-09-02T09:15:04.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "3DS.Information-Security@3ds.com", "type": "Secondary"}]}, "published": "2024-02-28T18:15:45.687", "references": [{"source": "3DS.Information-Security@3ds.com", "url": "https://www.3ds.com/vulnerability/advisories"}], "sourceIdentifier": "3DS.Information-Security@3ds.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}, {"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-416"}, {"lang": "en", "value": "CWE-457"}, {"lang": "en", "value": "CWE-787"}, {"lang": "en", "value": "CWE-843"}, {"lang": "en", "value": "CWE-908"}], "source": "3DS.Information-Security@3ds.com", "type": "Secondary"}]}