ICSA-23-103-14 · Published 2023-04-20 · View on CISA ICS-CERT ↗

Datakit CrossCAD-WARE

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or execute arbitrary code.

CVE-2023-22295 CVE-2023-22321 CVE-2023-22354 CVE-2023-22846 CVE-2023-23579

Datakit recommends user upgrade to v2023.1 or later.
Datakit has identified specific workarounds and mitigations that should be applied to reduce the risk:
Do not open untrusted SLDPRT files with CrossCAD/Ware
Update CrossCAD/Ware to 2023.1 or a later version.

Datakit

Datakit · CrossCad/Ware_x64 library < 2023.1

Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.