Vulnerabilities > CVE-2022-42901 - Out-of-bounds Write vulnerability in Bentley Microstation and View

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

bentley

CWE-787

NVD

Published: 2022-10-13

Updated: 2023-08-08

Summary

Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds and stack overflow issues when opening crafted XMT files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.

Vulnerable Configurations

Part	Description	Count
Application	Bentley Bentley Microstation 7.1 Bentley Microstation 10.16.02 Bentley View 10.16.02	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.bentley.com/legal/common-vulnerability-exposure-be-2022-0018/