CVE-2022-46345 in Parasolidinfo

Summary

by MITRE • 12/13/2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 12/13/2022

This vulnerability resides within Parasolid, a widely used geometric kernel for computer-aided design and manufacturing applications. The flaw manifests in multiple version streams including V33.1, V34.0, V34.1, and V35.0, with specific affected ranges indicating versions prior to V33.1.264, V34.0.252, V34.1.242, and V35.0.170 respectively. The vulnerability stems from improper bounds checking during the parsing of X_B files, which are binary formats commonly used for exchanging geometric data between CAD applications. This out of bounds write condition represents a critical memory safety issue that can be exploited to achieve arbitrary code execution.

The technical implementation of this vulnerability involves a classic buffer overflow scenario where the parsing logic fails to validate the size of data structures before writing to memory locations. When processing specially crafted X_B files, the application attempts to write data beyond the allocated memory boundaries of a structure, potentially overwriting adjacent memory regions including function pointers, return addresses, or other critical control data. This type of flaw falls under CWE-787: "Out-of-bounds Write" and aligns with ATT&CK technique T1059.007 for execution through binary planting or memory corruption attacks. The vulnerability is particularly dangerous because it allows attackers to manipulate the program's execution flow and potentially execute malicious code with the privileges of the affected application.

The operational impact of this vulnerability extends across numerous CAD and engineering applications that rely on Parasolid for geometric processing. Attackers could leverage this flaw by delivering malicious X_B files through various attack vectors including email attachments, web downloads, or file sharing platforms. Once executed, the vulnerability could enable full system compromise, data exfiltration, or disruption of critical design processes. The affected applications typically run with elevated privileges during CAD operations, making successful exploitation particularly dangerous. Organizations using affected versions of Parasolid should immediately assess their exposure and implement mitigation strategies to protect against potential exploitation.

The recommended mitigation strategy involves upgrading to the patched versions of Parasolid as specified in the CVE references. Organizations should also implement defensive measures including file validation, sandboxing of CAD file processing, and network segmentation to limit potential attack surfaces. Additional controls such as application whitelisting, monitoring for unusual file processing activities, and regular security assessments of CAD environments can help detect and prevent exploitation attempts. Given the widespread use of Parasolid in engineering and manufacturing sectors, this vulnerability represents a significant risk that requires immediate attention from security teams and system administrators.

Reservation

11/30/2022

Disclosure

12/13/2022

Moderation

accepted

CPE

ready

EPSS

0.00331

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!