CVE-2023-22321 — Vulnetix

CVE-2023-22321 PUBLISHED CVSS 3.299999952316284 LOW

Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.

EPSS 0.07% · 20.9th percentile

Risk Scores

CVSS v3.1

3.299999952316284

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS Score

0.07%

20.9th percentile

Affected Products

Vendor	Product	Versions
Datakit	CrossCAD/Ware_x64 library 0	0
datakit	crosscadware	0, 0, 0

Timeline

Feb 14, 2023 CVE Published
Apr 21, 2023 EPSS Score
May 28, 2023 EPSS Score
Jul 5, 2023 EPSS Score
Aug 11, 2023 EPSS Score
Sep 17, 2023 EPSS Score
Oct 25, 2023 EPSS Score
Dec 1, 2023 EPSS Score
Jan 7, 2024 EPSS Score
Feb 14, 2024 EPSS Score
Mar 22, 2024 EPSS Score
Apr 28, 2024 EPSS Score

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14 url
https://nvd.nist.gov/vuln/detail/CVE-2023-22321 advisory

Open in Interactive Console →