HIGH🇵🇱 Wersja polska

CVE-2021-22645

CVSS 7.8v3.1pub. 2021-02-23upd. 2024-11-21

Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Luxion Keyshot

    APP
    Luxion
    < 10.1
  • Luxion Keyshot Network Rendering

    APP
    Luxion
    < 10.1
  • Luxion Keyshot Viewer

    APP
    Luxion
    < 10.1
  • Luxion Keyvr

    APP
    Luxion
    < 10.1
  • Siemens Solid Edge Se2020

    HW
    Siemens
    wszystkie wersje
  • Siemens Solid Edge Se2020 Firmware

    OS
    Siemens
    wszystkie wersje
  • Siemens Solid Edge Se2021

    HW
    Siemens
    wszystkie wersje
  • Siemens Solid Edge Se2021 Firmware

    OS
    Siemens
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-7222HIGH7.8ten sam produkt

Luxion KeyShot 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability al...

CVE-2025-1047HIGH7.8ten sam produkt

Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vuln...

CVE-2025-1046HIGH7.8ten sam produkt

Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows ...

CVE-2025-1045HIGH7.8ten sam produkt

Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vu...

CVE-2025-2530HIGH7.8ten sam produkt

Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vuln...