PT-2023-21267 · Dassault Systèmes · Solidworks

Mat Powell · Published 2023-07-12 · Updated 2024-09-02 · CVE-2023-2763

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SOLIDWORKS Desktop versions Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023

Description

The issue exists in the DWG and DXF file reading procedure, allowing an attacker to execute arbitrary code while opening a specially crafted file. This is due to Use-After-Free, Out-of-bounds Write, and Heap-based Buffer Overflow vulnerabilities.

Recommendations

For versions Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023, consider avoiding the use of DWG and DXF file reading procedures until a patch is available. As a temporary workaround, restrict the opening of specially crafted DWG or DXF files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Memory Corruption

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2023-2763
ZDI-23-908
ZDI-23-910
ZDI-23-911
ZDI-23-912

Affected Products

Solidworks