BE-2022-0013: IFC File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0013 CVE ID: CVE-2022-35904 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted IFC files. Exploiting these vulnerabilities could lead to information disclosure. … Read more

BE-2022-0018: XMT File Parsing Out-of-bounds and Stack Overflow vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0018 CVE ID: CVE-2022-42901 Severity: 7.8 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Publication date: 2022-10-12 Revision date: 2022-10-12 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds and stack overflow vulnerabilities when opening maliciously crafted XMT files. Exploiting these vulnerabilities could … Read more

BE-2022-0014: J2K File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0014 CVE ID: CVE-2022-35901 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted J2K files. Exploiting these vulnerabilities could lead to information disclosure. … Read more

BE-2022-0017: SKP File Parsing Out-of-bounds Read Vulnerabilities and Stack Overflow in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0017 CVE ID: CVE-2022-42899 Severity: 7.8 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Publication date: 2022-10-12 Revision date: 2022-10-12 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow vulnerabilities when opening maliciously crafted SKP files. Exploiting these … Read more

BE-2022-0012: FBX File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0012 CVE ID: CVE-2022-35905 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted FBX files. Exploiting these vulnerabilities could lead to information disclosure. … Read more

BE-2022-0019: FBX File Parsing Out-of-bounds Read Vulnerabilities and Head Overflow in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0019 CVE ID: CVE-2022-42900 Severity: 7.8 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Publication date: 2022-10-12 Revision date: 2022-10-12 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted FBX files. Exploiting these vulnerabilities could lead … Read more

BE-2022-0010: 3DS File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0010 CVE ID: CVE-2022-35903 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted 3DS files. Exploiting these vulnerabilities could lead to information disclosure. … Read more

BE-2022-0016: OBJ File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0016 CVE ID: CVE-2022-35902 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted OBJ files. Exploiting these vulnerabilities could lead to information disclosure. … Read more

BE-2022-0015: JP2 File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0015 CVE ID: CVE-2022-35900 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted JP2 files. Exploiting these vulnerabilities could lead to information disclosure. … Read more

BE-2022-0011: DGN File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications Bentley ID: BE-2022-0011 CVE ID: CVE-2022-35906 Severity: 3.3 CVSS v3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Publication date: 2022-07-13 Revision date: 2022-07-13 Summary MicroStation and MicroStation-based applications may be affected by out-of-bounds read vulnerabilities when opening maliciously crafted DGN files. Exploiting these vulnerabilities could lead to information disclosure. … Read more