CVE-2023-22354 — Vulnetix

CVE-2023-22354 PUBLISHED CVSS 3.299999952316284 LOW

Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.

EPSS 0.07% · 21.0th percentile

Risk Scores

CVSS 3.1

3.299999952316284

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS Score

0.07%

21.0th percentile

Affected Products

Vendor	Product	Versions
datakit	crosscadware	0, 0, 0
Datakit	CrossCAD/Ware_x64 library 0	0

Exploit Intelligence

https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14 (circl)

Timeline

Feb 14, 2023 CVE Published
Apr 21, 2023 EPSS Score
May 28, 2023 EPSS Score
Jul 5, 2023 EPSS Score
Aug 11, 2023 EPSS Score
Sep 18, 2023 EPSS Score
Oct 25, 2023 EPSS Score
Dec 1, 2023 EPSS Score
Jan 8, 2024 EPSS Score
Feb 14, 2024 EPSS Score
Mar 23, 2024 EPSS Score
Apr 29, 2024 EPSS Score

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14 url
https://nvd.nist.gov/vuln/detail/CVE-2023-22354 advisory

Open in Interactive Console →