Vulnerabilities > CVE-2023-0973 - NULL Pointer Dereference vulnerability in Steptools Ifcmesh Library

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

steptools

CWE-476

NVD

Published: 2023-03-13

Updated: 2023-11-07

Summary

STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a null pointer dereference, which could allow an attacker to deny application usage when reading a specially constructed file, resulting in an application crash.

Vulnerable Configurations

Part	Description	Count
Application	Steptools Steptools Ifcmesh Library *	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-04