CVE-2022-40201
HIGHBentley MicroStation Connect < 10.17.0.209 - Stack-based Buffer Overflow via Malformed DGN File
Title source: llmDescription
Bentley Systems MicroStation Connect versions 10.17.0.209 and prior are vulnerable to a Stack-Based Buffer Overflow when a malformed design (DGN) file is parsed. This may allow an attacker to execute arbitrary code.
References (2)
Core 2
Core References
Various Sources
https://www.bentley.com/advisories/be-2023-0003/
Third Party Advisory, US Government Resource government-resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-293-01
Scores
CVSS v3
7.8
EPSS
0.0010
EPSS Percentile
27.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (1)
bentley/microstation_connect
< 10.17.0.209
Published
Jan 06, 2023
Tracked Since
Feb 18, 2026