{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T23:54:30.050","vulnerabilities":[{"cve":{"id":"CVE-2021-32938","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2021-06-17T13:15:07.837","lastModified":"2024-11-21T06:07:57.967","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory."},{"lang":"es","value":"Drawings SDK (todas las versiones anteriores a 2022.4) es vulnerable a una lectura fuera de límites debido al análisis de archivos DWG resultando en una falta de comprobación apropiada de los datos suministrados por el usuario. Esto puede resultar en una lectura más allá del final de un búfer asignado y permite a atacantes causar una condición de denegación de servicio o leer información confidencial de la memoria"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opendesign:drawings_sdk:*:*:*:*:*:*:*:*","versionEndExcluding":"2022.4","matchCriteriaId":"FEFEE0EB-BDA4-4D1A-85B5-0D0A80EE26FA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4.1","matchCriteriaId":"0F0CFB85-CD4F-424C-8B9F-9289D08FA665"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*","versionEndExcluding":"13.2.0.1","matchCriteriaId":"C811E8B2-CA0C-4A71-A803-A30C4DAF1476"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*","versionEndExcluding":"13.2.0.1","matchCriteriaId":"87BB2370-46C4-4BEC-8189-1F7FE4C1E12D"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf","source":"ics-cert@hq.dhs.gov"},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-980/","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-365397.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-980/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}