CVE-2021-25173
📋 TL;DR
This vulnerability in Open Design Alliance Drawings SDK allows attackers to crash applications by sending specially crafted DGN files that trigger excessive memory allocation. It affects any software using vulnerable versions of the SDK to process DGN files, potentially causing denial of service.
💻 Affected Systems
- Open Design Alliance Drawings SDK
- Software using ODA Drawings SDK (e.g., Siemens products mentioned in advisories)
📦 What is this software?
Comos by Siemens
Drawings Software Development Kit by Opendesign
Jt2go by Siemens
⚠️ Risk & Real-World Impact
Worst Case
Complete application crash leading to denial of service, potentially disrupting business operations if critical systems are affected.
Likely Case
Application crashes when processing malicious DGN files, causing temporary unavailability and potential data loss in unsaved work.
If Mitigated
Limited impact with proper input validation and memory protection mechanisms in place.
🎯 Exploit Status
Exploitation requires only a malicious DGN file, making it simple to trigger.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2021.12 or later
Vendor Advisory: https://www.opendesign.com/security-advisories
Restart Required: Yes
Instructions:
1. Identify applications using ODA Drawings SDK
2. Update to SDK version 2021.12 or later
3. Rebuild/redeploy applications with updated SDK
4. Restart affected services
🔧 Temporary Workarounds
Input Validation
All platforms: Implement strict validation of DGN files before processing
Memory Limit Enforcement
All platforms: Configure memory limits for applications processing DGN files
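One way to apply the memory-limit workaround on Linux, as an added example that is not taken from the ODA or Siemens advisories: the wrapper runs a DGN-processing command in a child process whose address space is capped with RLIMIT_AS, so an excessive allocation fails inside the child instead of exhausting the host. The 1 GiB ceiling, the timeout and the command line passed in are assumptions to adjust for your environment.

```python
import resource
import subprocess
import sys

# Assumed ceiling: set it just above what your largest legitimate drawing needs.
DEFAULT_LIMIT_BYTES = 1024 ** 3  # 1 GiB


def _apply_limit(limit_bytes):
    """Build a hook that caps the child's virtual address space before exec."""
    def setter():
        resource.setrlimit(resource.RLIMIT_AS, (limit_bytes, limit_bytes))
    return setter


def run_with_memory_cap(argv, limit_bytes=DEFAULT_LIMIT_BYTES, timeout=60):
    """Run argv under a memory cap and return (ok, detail).

    argv is the command that opens the DGN file, for example a converter or
    viewer built on the SDK (hypothetical; supply your own command line).
    """
    try:
        proc = subprocess.run(
            argv,
            preexec_fn=_apply_limit(limit_bytes),  # runs in the child only
            capture_output=True,
            timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return False, "timeout"
    if proc.returncode == 0:
        return True, "ok"
    if proc.returncode < 0:
        # Native code often aborts (e.g. SIGABRT) when an allocation fails.
        return False, f"killed by signal {-proc.returncode}"
    return False, f"exit code {proc.returncode}"


if __name__ == "__main__":
    # Usage: python dgn_cap.py <command> [args...]
    if len(sys.argv) < 2:
        sys.exit("usage: dgn_cap.py <command> [args...]")
    ok, detail = run_with_memory_cap(sys.argv[1:])
    print(f"processed={ok} detail={detail}")
    sys.exit(0 if ok else 1)
```

A failed run is worth logging with the input file's name and hash, since it matches the crash and memory-allocation indicators listed under Detection & Monitoring.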
🧯 If You Can't Patch
- Implement network segmentation to isolate vulnerable systems
- Use application allowlisting to restrict which applications can process DGN files
🔍 How to Verify
Check if Vulnerable:
Check application dependencies for ODA Drawings SDK version < 2021.12
Check Version:
Check application documentation or contact vendor for SDK version information
Verify Fix Applied:
Verify SDK version is 2021.12 or later and test with sample DGN files
📡 Detection & Monitoring
Log Indicators:
- Application crashes when processing DGN files
- Memory allocation errors in application logs
- Abnormal termination of CAD-related processes
Network Indicators:
- Unexpected DGN file transfers to vulnerable systems
SIEM Query:
search 'application crash' AND ('DGN' OR 'ODA') in application logs
🔗 References
- https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf
- https://www.opendesign.com/security-advisories
- https://www.zerodayinitiative.com/advisories/ZDI-21-225/