CVE-2021-32952

Name of the Vulnerable Software and Affected Versions Drawings SDK versions 2022.4 and prior

Description An out-of-bounds write issue exists in the DGN file-reading procedure due to the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.

Recommendations For versions 2022.4 and prior, consider disabling the DGN file-reading procedure until a patch is available to prevent potential exploitation. Restrict access to the Drawings SDK to minimize the risk of exploitation. Avoid using the Drawings SDK for parsing DGN files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.