Lucene search
HistoryMar 13, 2023 - 6:15 p.m.
CVE-2023-0973
steptools v18sp1
ifcmesh library
null pointer dereference
vulnerability
application crash
cve-2023-0973
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
20.5%
STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a null pointer dereference, which could allow an attacker to deny application usage when reading a specially constructed file, resulting in an application crash.
Affected configurations
Node
steptoolsifcmesh_libraryRange<18.102
| Vendor | Product | Version | CPE |
|---|---|---|---|
| steptools | ifcmesh_library | * | cpe:2.3:a:steptools:ifcmesh_library:*:*:*:*:*:*:*:* |
Related
prion
prion
Null pointer dereference
2023-03-13 18:15:00
zdi
zdi
cvelist
cvelist
CVE-2023-0973 Step Tools Third-Party
2023-03-13 17:06:05
ics
ics
Step Tools Third-Party
2023-03-09 12:00:00
Siemens Solid Edge
2023-05-11 12:00:00
cve
cve
CVE-2023-0973
2023-03-13 18:15:12
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
20.5%
Related for NVD:CVE-2023-0973