https://www.3ds.com/vulnerability/advisories <br/></td> CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"/>https://www.3ds.com/vulnerability/advisories <br/></td> CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"/>

Exploit
CVE-2024-1847

Out-of-bounds Read (CWE-125)

Published: Feb 28, 2024 / Updated: 8mo ago

010
CVSS 7.8EPSS 0.04%High
CVE info copied to clipboard

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SAT files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Dassault Syst&#232;mes has issued an update to correct this vulnerability. More details can be found at: https://www.3ds.com/vulnerability/advisories

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-1847

Feb 28, 2024 at 10:15 AM
First Article

Feedly found the first article mentioning CVE-2024-1847. See article

Feb 28, 2024 at 6:21 PM / National Vulnerability Database
EPSS

EPSS Score was set to: 0.04% (Percentile: 6.9%)

Feb 29, 2024 at 3:01 PM
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 2, 2024 at 10:38 AM
Static CVE Timeline Graph

Affected Systems

Dassault
+null more

Exploits

https://www.zerodayinitiative.com/advisories/ZDI-24-279/
+null more

Attack Patterns

CAPEC-540: Overread Buffers
+null more

Vendor Advisory

ZDI-24-256: Dassault Systèmes eDrawings CATPART File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. Dassault Systèmes has issued an update to correct this vulnerability.

News

Multiple vulnerabilities exist in file reading procedure in eDrawings from Re...
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. Mat Powell of Trend Micro Zero Day Initiative finder
ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu
Exclusive A Microsoft zero-day vulnerability that Trend Micro’s Zero Day Initiative team claims it found and reported to Redmond in May was disclosed and patched by the Windows giant in July’s Patch Tuesday – but without any credit given to ZDI. This entire series of unfortunate events not only highlights problems with Microsoft’s bug reporting program, but also the coordinated vulnerability disclosure process in general, according to Childs.
ZDI shames Microsoft for coordinated vulnerability disclosure failure • The Register
Exclusive A Microsoft zero-day exploit that Trend Micro’s Zero-Day Initiative team claims to have found and reported to Redmond in May was disclosed and patched by the Windows giant on July’s Patch Tuesday, but without giving any credit to ZDI. According to Childs, this whole series of unfortunate events not only highlights problems with Microsoft’s bug reporting program, but also the coordinated vulnerability disclosure process in general.
ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu
Exclusive A Microsoft zero-day exploit that Trend Micro's Zero Day Initiative team claims it found and reported to Redmond in May was disclosed and patched by the Windows giant in July's Patch Tuesday – but without any credit given to ZDI. This entire series of unfortunate events not only highlights problems with Microsoft's bug reporting program, but also the coordinated vulnerability disclosure process in general, according to Childs.
eDrawings Viewer DXF File Parsing RCE Vulnerability - 202405010004
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings Viewer. CVE Severity CVSS Product(s) Affected Summary Dated CVE-2024-3298 Critical 7.8 from Release SOLIDWORKS 2023
See 22 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:None
User Interaction:Required
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI