PT-2022-26650 · Bentley · Bentley View+1
Published
2022-10-13
·
Updated
2025-05-15
·
CVE-2022-42899
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Bentley MicroStation versions prior to 10.17.01.58
Bentley View versions prior to 10.17.01.19
Description
The issue concerns out-of-bounds read and stack overflow problems that occur when opening crafted SKP files. This could lead to information disclosure and code execution. Experts consider it a serious issue, but widespread exploitation is unlikely due to specific conditions that must exist for it to happen.
Recommendations
For Bentley MicroStation versions prior to 10.17.01.58, update to version 10.17.01.58 or later.
For Bentley View versions prior to 10.17.01.19, update to version 10.17.01.19 or later.
Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bentley Microstation
Bentley View