Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-0054
Vulnerability from csaf_certbund - Published: 2023-01-10 23:00 - Updated: 2023-01-10 23:00Summary
Microsoft 3D Builder App: Mehrere Schwachstellen ermöglichen Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Microsoft bietet in der Apps-Produktfamilie zahlreiche Anwendungen für mobile Endgeräte an.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in der Microsoft App "3D Builder" ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft bietet in der Apps-Produktfamilie zahlreiche Anwendungen f\u00fcr mobile Endger\u00e4te an.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in der Microsoft App \"3D Builder\" ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0054 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0054.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0054 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0054"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2023-01-10",
"url": "https://msrc.microsoft.com/update-guide"
}
],
"source_lang": "en-US",
"title": "Microsoft 3D Builder App: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2023-01-10T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:41:00.743+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0054",
"initial_release_date": "2023-01-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Apps 3D Builder",
"product": {
"name": "Microsoft Apps 3D Builder",
"product_id": "T025787",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:apps:3d_builder"
}
}
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-21793",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21793"
},
{
"cve": "CVE-2023-21792",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21792"
},
{
"cve": "CVE-2023-21791",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21791"
},
{
"cve": "CVE-2023-21790",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21790"
},
{
"cve": "CVE-2023-21789",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21789"
},
{
"cve": "CVE-2023-21788",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21788"
},
{
"cve": "CVE-2023-21787",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21787"
},
{
"cve": "CVE-2023-21786",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21786"
},
{
"cve": "CVE-2023-21785",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21785"
},
{
"cve": "CVE-2023-21784",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21784"
},
{
"cve": "CVE-2023-21783",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21783"
},
{
"cve": "CVE-2023-21782",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21782"
},
{
"cve": "CVE-2023-21781",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21781"
},
{
"cve": "CVE-2023-21780",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in der Microsoft App \"3D Builder\". Die Fehler sind noch nicht im Detail beschrieben. Ein entfernter anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T025787"
]
},
"release_date": "2023-01-10T23:00:00.000+00:00",
"title": "CVE-2023-21780"
}
]
}
CVE-2023-21784 (GCVE-0-2023-21784)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21784"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:14.438Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21784"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21784",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:14.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21781 (GCVE-0-2023-21781)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:50.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21781"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:13.201Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21781"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21781",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:13.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21791 (GCVE-0-2023-21791)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:15.780Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21791"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21791",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:15.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21786 (GCVE-0-2023-21786)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21786"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:15.188Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21786"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21786",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:15.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21782 (GCVE-0-2023-21782)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21782"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:13.797Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21782"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21782",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:13.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21787 (GCVE-0-2023-21787)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21787",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-05T21:52:12.777961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T20:08:46.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21787"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:24.694Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21787"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21787",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:24.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21780 (GCVE-0-2023-21780)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21780"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-01-11T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:12.671Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21780"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21780",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:12.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21789 (GCVE-0-2023-21789)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-369 - Divide By Zero
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-369",
"description": "CWE-369: Divide By Zero",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:25.804Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21789"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21789",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:25.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21792 (GCVE-0-2023-21792)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:50.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21792"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:26.770Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21792"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21792",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:26.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21790 (GCVE-0-2023-21790)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21790"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:26.312Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21790"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21790",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:26.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21788 (GCVE-0-2023-21788)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21788"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:25.190Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21788"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21788",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:25.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21785 (GCVE-0-2023-21785)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:50.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21785"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T18:02:04.201055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T18:02:15.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:24.133Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21785"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21785",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:24.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21793 (GCVE-0-2023-21793)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21793"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:16.373Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21793"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21793",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:16.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21783 (GCVE-0-2023-21783)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:36
VLAI?
EPSS
Summary
3D Builder Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | 3D Builder |
Affected:
20.0.0 , < 20.0.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:51.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21783"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "3D Builder",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20.0.1",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:3d_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.0.1",
"versionStartIncluding": "20.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "3D Builder Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:36:23.646Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "3D Builder Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21783"
}
],
"title": "3D Builder Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21783",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-16T00:00:00",
"dateUpdated": "2025-01-01T00:36:23.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…