CVE-2021-42024

Name of the Vulnerable Software and Affected Versions Simcenter STAR-CCM+ Viewer versions prior to 2021.3.1

Description A vulnerability has been identified in the starview+.exe application, which lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write past the end of an allocated structure, allowing an attacker to execute code in the context of the current process.

Recommendations For versions prior to 2021.3.1, update to version 2021.3.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the starview+.exe application until a patch is applied. Avoid using the application to parse untrusted scene files until the issue is resolved.