PT-2021-2170 · Luxion · Keyshot+3

Rgod

Published

2021-02-04

Updated

2021-03-23

CVE-2021-22647

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Luxion KeyShot versions prior to 10.1 Luxion KeyShot Viewer versions prior to 10.1 Luxion KeyShot Network Rendering versions prior to 10.1 Luxion KeyVR versions prior to 10.1

Description The issue is related to out-of-bounds write problems when processing project files, which may allow an attacker to execute arbitrary code. This can occur due to buffer memory boundary overflows.

Recommendations For Luxion KeyShot versions prior to 10.1, update to version 10.1 or later. For Luxion KeyShot Viewer versions prior to 10.1, update to version 10.1 or later. For Luxion KeyShot Network Rendering versions prior to 10.1, update to version 10.1 or later. For Luxion KeyVR versions prior to 10.1, update to version 10.1 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2021-01072

CVE-2021-22647

ZDI-21-318

ZDI-21-320

ZDI-21-321

ZDI-21-322

ZDI-21-326

Affected Products

Keyshot

Keyshot Network Rendering

Keyshot Viewer

Keyvr

PT-2021-2170 · Luxion · Keyshot+3

CVE-2021-22647

Weakness Enumeration

Related Identifiers

Affected Products

References · 13