CVE-2021-25177
📋 TL;DR
A type confusion vulnerability in the Open Design Alliance Drawings SDK lets an attacker crash an application by supplying a malformed .DXF or .DWG file, resulting in denial of service. Any application that uses a vulnerable version of the SDK to process CAD files is affected.
💻 Affected Systems
- Open Design Alliance Drawings SDK
- Applications using ODA Drawings SDK for CAD file processing
📦 What is this software?
Comos by Siemens
Drawings Software Development Kit by Opendesign
Jt2go by Siemens
⚠️ Risk & Real-World Impact
Worst Case
Complete application crash leading to denial of service, potentially disrupting business operations that rely on CAD file processing.
Likely Case
Application crashes when processing malicious CAD files, causing temporary service disruption.
If Mitigated
No impact if patched or if file processing is restricted to trusted sources.
🎯 Exploit Status
Exploitation requires only a malicious CAD file, making it simple to trigger crashes.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2021.11 or later
Vendor Advisory: https://www.opendesign.com/security-advisories
Restart Required: Yes
Instructions:
1. Identify applications using ODA Drawings SDK.
2. Update SDK to version 2021.11 or later.
3. Rebuild/redeploy applications with updated SDK.
4. Restart affected services.
🔧 Temporary Workarounds
Restrict CAD file sources
Only allow CAD files from trusted sources to be processed.
Implement file validation
Add validation checks for CAD files before processing.
🧯 If You Can't Patch
- Isolate CAD processing to dedicated systems with limited network access.
- Monitor for application crashes and investigate any CAD file processing failures.
🔍 How to Verify
Check if Vulnerable:
Check the application documentation or contact the vendor to confirm which ODA SDK version is used. Versions before 2021.11 are vulnerable.
Check Version:
Application-specific; consult vendor documentation for version checking.
Verify Fix Applied:
Verify SDK version is 2021.11 or later and test with known safe CAD files to ensure stability.
📡 Detection & Monitoring
Log Indicators:
- Application crashes during CAD file processing
- Error logs mentioning ODA SDK or CAD parsing failures
Network Indicators:
- Unusual CAD file uploads followed by service disruptions
SIEM Query:
search 'application crash' AND ('DXF' OR 'DWG' OR 'ODA')
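Added example, not part of the advisory and not ODA or Siemens code: a Python script that applies the SIEM query above to constructed log lines and also correlates a CAD file upload with a crash or parse failure that follows it within a short window (the "upload followed by service disruption" indicator). The log format, timestamps and field names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log lines (assumed format; not from any real system).
SAMPLE_LOGS = [
    "2024-03-01T10:00:01Z INFO  upload user=alice file=plan_a.dxf size=20480",
    "2024-03-01T10:00:03Z ERROR ODA Drawings SDK: parse failure in plan_a.dxf",
    "2024-03-01T10:00:04Z FATAL application crash: segfault in CADWorker rendering plan_a.dxf",
    "2024-03-01T11:30:00Z INFO  upload user=bob file=site.dwg size=99000",
    "2024-03-01T11:45:00Z INFO  render complete file=site.dwg",
    "2024-03-01T12:00:00Z FATAL application crash: out of memory in ReportService",
]

CAD_TERMS = re.compile(r"\b(DXF|DWG|ODA)\b", re.IGNORECASE)
CRASH = re.compile(r"application crash", re.IGNORECASE)
DISRUPTION = re.compile(r"application crash|parse failure", re.IGNORECASE)
UPLOAD = re.compile(r"upload .*file=(\S+\.(?:dxf|dwg))", re.IGNORECASE)


def parse_ts(line):
    """Leading ISO-8601 timestamp (assumed log layout)."""
    return datetime.strptime(line.split(" ", 1)[0], "%Y-%m-%dT%H:%M:%SZ")


def siem_match(line):
    """The advisory's query: 'application crash' AND ('DXF' OR 'DWG' OR 'ODA')."""
    return bool(CRASH.search(line) and CAD_TERMS.search(line))


def correlate(lines, window=timedelta(minutes=5)):
    """Flag crashes/parse failures that occur within `window` after a CAD upload.

    This catches crash lines that never mention the file or the SDK, which the
    keyword query alone would miss.
    """
    alerts, uploads = [], []
    for line in lines:
        ts = parse_ts(line)
        m = UPLOAD.search(line)
        if m:
            uploads.append((ts, m.group(1)))
            continue
        if DISRUPTION.search(line):
            for uts, fname in uploads:
                if timedelta(0) <= ts - uts <= window:
                    alerts.append({"file": fname, "event": line})
    return alerts


if __name__ == "__main__":
    print([l for l in SAMPLE_LOGS if siem_match(l)])
    print(correlate(SAMPLE_LOGS))
```

Both checks are noisy on their own; a crash that follows an upload of a file from an untrusted source is the combination worth investigating.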
🔗 References
- https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf
- https://www.opendesign.com/security-advisories
- https://www.zerodayinitiative.com/advisories/ZDI-21-219/