CVE-2021-43273
Description
An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. Crafted data in a DGN file and lack of verification of input data can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read in Open Design Alliance Drawings SDK before 2022.11 allows crafted DGN files to leak memory and potentially lead to code execution.
Vulnerability
An out-of-bounds read vulnerability exists in the DGN file reading procedure of the Open Design Alliance (ODA) Drawings SDK before version 2022.11. The issue is triggered when parsing specially crafted DGN files due to a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This affects products built on the SDK, such as ODA Drawings Explorer and ODAViewer [1][2][3][4].
Exploitation
An attacker must convince a user to open a malicious DGN file or visit a page that loads the file. The vulnerability requires user interaction but no authentication. The attacker crafts the DGN file with data that causes the parser to read beyond the allocated buffer boundary [2][3][4]. No special network position is needed beyond delivering the file to the target.
Impact
Successful exploitation results in information disclosure from memory outside the intended buffer. The ZDI advisories assign a CVSS score of 3.3 (Low) and classify it as an information disclosure vulnerability. However, multiple sources note that an attacker can leverage this issue in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process [1][2][3][4].
Mitigation
The vulnerability is fixed in ODA Drawings SDK version 2022.11. Users should update to this version or later. If upgrading is not possible, avoid opening untrusted DGN files. The ODA security advisories page provides the latest information on fixes [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Open Design Alliance/Drawings SDK
- Range: <2022.11
Patches
No patches discovered yet.
References
- www.opendesign.com/security-advisories
- www.zerodayinitiative.com/advisories/ZDI-21-1281/
- www.zerodayinitiative.com/advisories/ZDI-21-1291/
- www.zerodayinitiative.com/advisories/ZDI-21-1351/
- www.zerodayinitiative.com/advisories/ZDI-21-1357/