CVE-2021-34935 : What You Need to Know

A vulnerability has been identified in Bentley View 10.15.0.75, allowing remote attackers to execute arbitrary code. User interaction is required for exploitation through visiting a malicious page or opening a malicious file. The flaw lies in the parsing of JT files.

Understanding CVE-2021-34935

This CVE details a critical vulnerability in Bentley View 10.15.0.75 that opens the door for remote code execution.

What is CVE-2021-34935?

CVE-2021-34935 is a security vulnerability found in Bentley View 10.15.0.75, enabling attackers to run malicious code on the system.

The Impact of CVE-2021-34935

The vulnerability poses a high risk with a CVSS base score of 7.8, allowing attackers to compromise confidentiality, integrity, and availability of affected systems.

Technical Details of CVE-2021-34935

This section delves into the key technical aspects of the CVE.

Vulnerability Description

The vulnerability results from improper parsing of JT files, allowing attackers to trigger buffer overflow and execute arbitrary code.

Affected Systems and Versions

Bentley View version 10.15.0.75 is confirmed to be affected by this vulnerability.

Exploitation Mechanism

Attackers can exploit this flaw by tricking users into visiting a malicious webpage or opening a harmful file to execute code.

Mitigation and Prevention

Discover effective measures to mitigate the risks associated with CVE-2021-34935.

Immediate Steps to Take

Users are urged to update Bentley View to a secure version, remain cautious while handling untrusted files, and avoid visiting suspicious websites.

Long-Term Security Practices

Implementing regular security patches, employing strong email filtering, and educating users on safe browsing habits can enhance long-term security.

Patching and Updates

Stay informed about security updates related to Bentley View to promptly apply patches and secure your system.