Unrated severity · NVD Advisory · Published Jun 29, 2021 · Updated Aug 3, 2024

CVE-2021-31508


Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13306.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A stack-based buffer overflow in OpenText Brava! Desktop 16.6.3.84 during DXF parsing lets attackers achieve remote code execution via a crafted DXF file or link.

Vulnerability

A stack-based buffer overflow exists in OpenText Brava! Desktop version 16.6.3.84 during the parsing of DXF files [1]. The specific flaw is triggered when the application fails to properly validate the length of user-supplied data, resulting in a write past the end of an allocated buffer on the heap [1]. No special configuration or privilege is required for the vulnerable code path to be reachable; any user opening a DXF file is susceptible.
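The length check whose absence the narrative describes, shown as a bounded reader for DXF group-code/value pairs. This is an added example, not OpenText's or ZDI's code; `DXF_VALUE_MAX`, `dxf_pair` and the function names are assumptions made for the example.

```c
#include <stdlib.h>
#include <string.h>
/* Added example, not OpenText's code: a bounded reader for DXF group-code /
 * value pairs (an integer group code on one line, its value on the next).
 * The advisory's defect class is copying a value into a fixed buffer without
 * checking its length; this reader checks it and rejects overlong values. */

#define DXF_VALUE_MAX 255           /* hypothetical cap, chosen for the example */

typedef struct {
    int  code;                      /* group code, e.g. 0, 2, 9 */
    char value[DXF_VALUE_MAX + 1];  /* NUL-terminated value */
} dxf_pair;

/* Copy one line from *cursor into dst (capacity dstlen), without the newline.
 * Returns 1 on success, 0 at end of input, -1 if the line would not fit;
 * the `len >= dstlen` test is the missing bounds check from the advisory. */
static int read_line(const char **cursor, char *dst, size_t dstlen) {
    const char *start = *cursor;
    if (*start == '\0') return 0;
    const char *nl = strchr(start, '\n');
    size_t len = nl ? (size_t)(nl - start) : strlen(start);
    if (len > 0 && start[len - 1] == '\r') len--;   /* tolerate CRLF files */
    if (len >= dstlen) return -1;   /* too long: refuse instead of overflowing */
    memcpy(dst, start, len);
    dst[len] = '\0';
    *cursor = nl ? nl + 1 : start + strlen(start);
    return 1;
}

/* Read the next (code, value) pair. Returns 1 on success, 0 at clean end of
 * input, -1 on a malformed code, a missing value, or an oversized value. */
int dxf_next_pair(const char **cursor, dxf_pair *out) {
    char codebuf[16], *end;
    int r = read_line(cursor, codebuf, sizeof codebuf);
    if (r <= 0) return r;
    long code = strtol(codebuf, &end, 10);   /* DXF group codes are 0..1071 */
    if (end == codebuf || code < 0 || code > 1071) return -1;
    out->code = (int)code;
    return read_line(cursor, out->value, sizeof out->value) == 1 ? 1 : -1;
}

/* Constructed check: a value twice DXF_VALUE_MAX must be rejected (-1). */
int dxf_rejects_overlong_value(void) {
    char doc[4 + 2 * DXF_VALUE_MAX + 1] = "  1\n";   /* rest zero-filled */
    memset(doc + 4, 'A', 2 * DXF_VALUE_MAX);
    const char *cur = doc;
    dxf_pair p;
    return dxf_next_pair(&cur, &p) == -1;
}
```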

Exploitation

To exploit the vulnerability, an attacker must craft a malicious DXF file or convince a user to visit a webpage that triggers the file open dialog [1]. The victim must then open the malicious file using Brava! Desktop. No authentication or network credentials are required beyond initial access to the file. The out-of-bounds write occurs as the parser processes specially crafted fields within the DXF data [1].

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the current user process [1]. Given the privileges of the logged-in user, this could lead to full compromise of the affected system, including confidentiality, integrity, and availability impacts. The CVSS v3 score is 7.8, classified as High severity [1].

Mitigation

The vendor has not released a fixed version as of the publication date (2021-06-29) [1]. Users should restrict execution of Brava! Desktop to trusted environments and avoid opening DXF files from untrusted sources. The vulnerability is not listed in CISA’s Known Exploited Vulnerabilities Catalog as of the reference date. No official workaround has been provided by OpenText [1].

References
  1. ZDI-21-686

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Record status

- Affected products: 2
- Patches: 0 (no patches discovered yet)
- Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.
- References: 1
- News mentions: 0 (no linked articles in our index yet)