CVE-2021-32946

Name of the Vulnerable Software and Affected Versions Drawings SDK versions 2022.4 and prior

Description The issue exists within the parsing DGN files from Drawings SDK, resulting from the lack of proper validation of the user-supplied data. This may result in out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.

Recommendations For Drawings SDK versions 2022.4 and prior, consider disabling the DGN file parsing functionality until a patch is available. Restrict access to the Drawings SDK to minimize the risk of exploitation. Avoid using the Drawings SDK to parse DGN files from untrusted sources until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.