BE-2021-0005: Out-of-bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications

ID Bentley: BE-2021-0005
ID CVE: CVE-2021-34876, CVE-2021-34877, CVE-2021-34878, CVE-2021-34913, CVE-2021-34885, CVE-2021-34888, CVE-2021-34890, CVE-2021-34891, CVE-2021-34892, CVE-2021-34898, CVE-2021-34899, CVE-2021-34909, CVE-2021-34912, CVE-2021-34920, CVE-2021-34921, CVE-2021-34922, CVE-2021-34923, CVE-2021-34924, CVE-2021-34925, CVE-2021-34926, CVE-2021-34927, CVE-2021-34928, CVE-2021-34929, CVE-2021-34930, CVE-2021-34931, CVE-2021-34932, CVE-2021-34933, CVE-2021-34934, CVE-2021-34935, CVE-2021-34936, CVE-2021-34937, CVE-2021-46562, CVE-2021-46563, CVE-2021-34938, CVE-2021-34939, CVE-2021-46564, CVE-2021-46565, CVE-2021-46566, CVE-2021-46567, CVE-2021-46568, CVE-2021-46569, CVE-2021-34940, CVE-2021-34941, CVE-2021-34942, CVE-2021-34943, CVE-2021-34944, CVE-2021-34945, CVE-2021-34946, CVE-2021-46570, CVE-2021-46571, CVE-2021-46572, CVE-2021-46573, CVE-2021-46574, CVE-2021-46576, CVE-2021-46577, CVE-2021-46578, CVE-2021-46579, CVE-2021-46580, CVE-2021-46581, CVE-2021-46585, CVE-2021-46588, CVE-2021-46590, CVE-2021-46591, CVE-2021-46597, CVE-2021-46598, CVE-2021-46600, CVE-2021-46601, CVE-2021-46610, CVE-2021-46621, CVE-2021-46625, CVE-2021-46634, CVE-2021-46655, CVE-2021-46656
Gravità: 7.8
CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Data di pubblicazione: 07/12/2021
Data di revisione: 07/12/2021

Riepilogo
MicroStation e le applicazioni basate su MicroStation possono essere interessate da vulnerabilità fuori dai limiti consentiti o "use-after-free" al momento dell'apertura di file JT creati in modo dannoso. Lo sfruttamento di queste vulnerabilità potrebbe portare all'esecuzione di codice.

Dettagli
Le seguenti vulnerabilità relative a questo avviso sono state scoperte da ZDI di Trend Micro: ZDI-CAN-14828, ZDI-CAN-14829, ZDI-CAN-14830, ZDI-CAN-14831, ZDI-CAN-14838, ZDI-CAN-14841, ZDI-CAN-14843, ZDI-CAN-14844, ZDI-CAN-14845, ZDI-CAN-14865, ZDI-CAN-14866, ZDI-CAN-14882, ZDI-CAN-14885, ZDI-CAN-14898, ZDI-CAN-14899, ZDI-CAN-14900, ZDI-CAN-14901, ZDI-CAN-14902, ZDI-CAN-14903, ZDI-CAN-14904, ZDI-CAN-14905, ZDI-CAN-14906, ZDI-CAN-14907, ZDI-CAN-14908, ZDI-CAN-14909, ZDI-CAN-14910, ZDI-CAN-14911, ZDI-CAN-14912, ZDI-CAN-14913, ZDI-CAN-14914, ZDI-CAN-14915, ZDI-CAN-14987, ZDI-CAN-14990, ZDI-CAN-14995, ZDI-CAN-14996, ZDI-CAN-15023, ZDI-CAN-15024, ZDI-CAN-15027, ZDI-CAN-15028, ZDI-CAN-15030, ZDI-CAN-15031, ZDI-CAN-15039, ZDI-CAN-15040, ZDI-CAN-15041, ZDI-CAN-15051, ZDI-CAN-15052, ZDI-CAN-15054, ZDI-CAN-15055, ZDI-CAN-15364, ZDI-CAN-15365, ZDI-CAN-15366, ZDI-CAN-15367, ZDI-CAN-15368, ZDI-CAN-15370, ZDI-CAN-15371, ZDI-CAN-15372, ZDI-CAN-15373, ZDI-CAN-15374, ZDI-CAN-15375, ZDI-CAN-15379, ZDI-CAN-15382, ZDI-CAN-15384, ZDI-CAN-15385, ZDI-CAN-15391, ZDI-CAN-15392, ZDI-CAN-15394, ZDI-CAN-15395, ZDI-CAN-15404, ZDI-CAN-15415, ZDI-CAN-15455, ZDI-CAN-15464, ZDI-CAN-15630, ZDI-CAN-15631. L'utilizzo di una versione interessata di MicroStation o di un'applicazione basata su MicroStation per aprire un file JT contenente dati creati in modo dannoso può forzare una vulnerabilità use-after-free. Lo sfruttamento di queste vulnerabilità nell'ambito dell'analisi dei file JT potrebbe consentire a un attaccante di eseguire codice nel contesto del processo corrente.

Affected Versions

Mitigazioni consigliate
Bentley consiglia di aggiornare alle ultime versioni di MicroStation e delle applicazioni basate su MicroStation. Si raccomanda inoltre di aprire solo i file JT provenienti da fonti affidabili.

Riconoscimenti
Si ringrazia a xina1i per aver scoperto le seguenti 8 vulnerabilità: ZDI-CAN-14987, ZDI-CAN-15027, ZDI-CAN-15023, ZDI-CAN-15031, ZDI-CAN-14990, ZDI-CAN-15024, ZDI-CAN-15030, ZDI-CAN-15028. Si ringrazia Mat Powell di Zero Day Initiative di Trend Micro per aver scoperto il resto delle vulnerabilità relative a questo avviso.

Revision History