VYPR
Unrated severity · NVD Advisory · Published Apr 15, 2023 · Updated May 5, 2025

CVE-2023-22669

Description

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Heap buffer overflow in ODA Drawings SDK before 2023.6, triggered by a crafted DWG file, allows code execution in the context of the process that parses the file.

Vulnerability

Parsing of DWG files in Open Design Alliance Drawings SDK versions prior to 2023.6 lacks proper validation of the length of user-supplied XRecord data before copying it to a fixed-length heap-based buffer. Because the length is taken from the file rather than checked against the destination allocation, a crafted DWG file whose XRecord declares more data than the buffer holds causes a heap buffer overflow during parsing. Affected versions: all versions before 2023.6 [1].
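The bug class above, as an added illustrative example in C that is not code from the ODA Drawings SDK or from the advisory: a record parser that trusts a length field from the file and memcpy's that many bytes into a fixed-size heap buffer, beside a hardened version that checks the declared length against both the buffer and the bytes actually present. The record layout (2-byte little-endian length followed by payload), the 64-byte buffer, and the sample records are all constructed assumptions for the demonstration, not the real DWG XRecord encoding.

```c
/* Illustrative model of the CVE-2023-22669 bug class (added example, not ODA code).
 * Assumed record layout: 2-byte little-endian length + payload. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define XREC_BUF_LEN 64   /* assumed size of the fixed-length heap buffer */

typedef struct {
    uint8_t *data;        /* heap buffer of XREC_BUF_LEN bytes, caller frees */
    size_t   len;         /* number of payload bytes copied into it */
} xrecord_t;

/* Read the 16-bit little-endian length field at the start of a record. */
static size_t xrec_declared_len(const uint8_t *rec) {
    return (size_t)rec[0] | ((size_t)rec[1] << 8);
}

/* Vulnerable pattern: the attacker-controlled length is used directly.
 * Returns the heap buffer (caller frees) or NULL on a truncated header.
 * A declared length above XREC_BUF_LEN writes past the 64-byte allocation. */
uint8_t *parse_xrecord_unchecked(const uint8_t *rec, size_t rec_len) {
    if (rec_len < 2) return NULL;
    size_t n = xrec_declared_len(rec);
    uint8_t *buf = malloc(XREC_BUF_LEN);
    if (!buf) return NULL;
    memcpy(buf, rec + 2, n);   /* BUG: n never compared to XREC_BUF_LEN or rec_len */
    return buf;
}

/* Hardened version: validate the declared length before copying.
 * Returns 0 on success; negative codes identify which check failed. */
int parse_xrecord_checked(const uint8_t *rec, size_t rec_len, xrecord_t *out) {
    if (rec_len < 2) return -1;           /* no room for the length field */
    size_t n = xrec_declared_len(rec);
    if (n > XREC_BUF_LEN) return -2;      /* would overflow the heap buffer */
    if (n > rec_len - 2) return -3;       /* declares more bytes than the input holds */
    uint8_t *buf = malloc(XREC_BUF_LEN);
    if (!buf) return -4;
    memcpy(buf, rec + 2, n);
    out->data = buf;
    out->len = n;
    return 0;
}

/* Build a record with an arbitrary declared length (constructed test input). */
size_t build_xrecord(uint8_t *dst, size_t dst_cap, uint16_t declared,
                     size_t payload_len, uint8_t fill) {
    if (dst_cap < 2 + payload_len) return 0;
    dst[0] = (uint8_t)(declared & 0xff);
    dst[1] = (uint8_t)(declared >> 8);
    memset(dst + 2, fill, payload_len);
    return 2 + payload_len;
}

/* Run the hardened parser over one of three constructed samples:
 * 0 = benign 16-byte record, 1 = record declaring 512 bytes (oversize),
 * 2 = record declaring 32 bytes but carrying only 8 (truncated).
 * Returns the parser's status code; out_len receives the copied length on success. */
int parse_sample(int which, size_t *out_len) {
    uint8_t rec[2 + 512];
    size_t rec_len;
    if (which == 0)      rec_len = build_xrecord(rec, sizeof rec, 16, 16, 'A');
    else if (which == 1) rec_len = build_xrecord(rec, sizeof rec, 512, 512, 'B');
    else                 rec_len = build_xrecord(rec, sizeof rec, 32, 8, 'C');
    xrecord_t r;
    int rc = parse_xrecord_checked(rec, rec_len, &r);
    if (rc == 0) {
        if (out_len) *out_len = r.len;
        free(r.data);
    }
    return rc;
}

int main(void) {
    size_t n = 0;
    printf("benign    -> rc=%d len=%zu\n", parse_sample(0, &n), n);
    printf("oversize  -> rc=%d (rejected before memcpy)\n", parse_sample(1, NULL));
    printf("truncated -> rc=%d (rejected before memcpy)\n", parse_sample(2, NULL));
    /* The unchecked parser is only exercised on the benign record here; feeding it
     * the oversize record corrupts the heap (AddressSanitizer reports the write). */
    uint8_t benign[2 + 16];
    size_t blen = build_xrecord(benign, sizeof benign, 16, 16, 'A');
    uint8_t *u = parse_xrecord_unchecked(benign, blen);
    printf("unchecked on benign -> %s\n", u ? "ok" : "fail");
    free(u);
    return 0;
}
```

The two checks in parse_xrecord_checked are the fix pattern the description implies: the declared length must be bounded by the destination buffer, and separately by the input that remains, since a parser that only checks the first can still read past the end of the file mapping. Compiling with -fsanitize=address and calling parse_xrecord_unchecked on the oversize sample shows the heap write the checked version refuses.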

Exploitation

An attacker can exploit this vulnerability by supplying a malicious DWG file to an application built on the vulnerable SDK. No authentication is required; the attacker only needs to convince a user to open the file, or to reach a service that parses untrusted DWG files automatically (for example a conversion or preview pipeline). Because the length field is not validated, the attacker controls how many bytes are written beyond the allocated heap buffer, and the bytes written.

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the current process, that is, with the privileges of the user or service account running the application that parsed the file. Depending on that account, this can lead to data theft, installation of malware, or further lateral movement.

Mitigation

The vulnerability is fixed in Open Design Alliance Drawings SDK version 2023.6. Users of the SDK, and of applications that embed it, should update to 2023.6 or later; applications ship the SDK as a component, so the fix reaches end users only through vendor updates. No workarounds are mentioned in the available references [1]; until an update is applied, treating DWG files from untrusted sources as hostile input and isolating any service that parses them automatically limits the blast radius.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.