CVE-2021-42585

8.8 HIGH

📋 TL;DR

CVE-2021-42585 is a heap buffer overflow vulnerability in LibreDWG's dwgread library that allows remote code execution when processing malicious DWG files. This affects any application using LibreDWG versions before 0.12.4 to read AutoCAD DWG files. Attackers can exploit this by tricking users into opening specially crafted DWG files.

💻 Affected Systems

Products:
  • LibreDWG
  • Applications using LibreDWG library
Versions: All versions before 0.12.4
Operating Systems: Linux, Windows, macOS, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Any application that uses the vulnerable copy_compressed_bytes function in decode_r2007.c when processing DWG files is affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with the privileges of the application processing the DWG file, potentially leading to full system compromise.

🟠 Likely Case

Application crash (denial of service) or limited code execution depending on exploit sophistication and memory protections.

🟢 If Mitigated

Application crash with no code execution if ASLR/DEP/stack canaries are properly implemented and effective.

🌐 Internet-Facing: MEDIUM - Requires user interaction to open malicious files, but could be delivered via email, downloads, or web applications.
🏢 Internal Only: MEDIUM - Similar risk profile, but limited to internal file sharing and processing workflows.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Proof of concept exists in the GitHub issue. Exploitation requires crafting a malicious DWG file and getting it processed by vulnerable software.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.12.4 and later

Vendor Advisory: https://github.com/LibreDWG/libredwg/issues/351

Restart Required: Yes

Instructions:

1. Update LibreDWG to version 0.12.4 or later.
2. Rebuild any applications using LibreDWG.
3. Restart affected services or applications.

🔧 Temporary Workarounds

  • Disable DWG file processing (applies to: all platforms): block or restrict processing of DWG files in vulnerable applications.
  • Use alternative DWG viewers (applies to: all platforms): use different software for DWG file viewing that does not rely on vulnerable LibreDWG versions.

🧯 If You Can't Patch

  • Implement strict file upload restrictions for DWG files
  • Use application sandboxing or containerization to limit potential damage

🔍 How to Verify

Check if Vulnerable:

Check whether the installed LibreDWG version is below 0.12.4, or whether applications report linking against a vulnerable LibreDWG (dwgread) build.

Check Version:

dwgread --version or check package manager for libredwg version

Verify Fix Applied:

Verify LibreDWG version is 0.12.4 or higher and applications have been rebuilt with updated library

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing DWG files
  • Memory access violation errors
  • Segmentation faults in dwgread processes

Network Indicators:

  • Unusual outbound connections after DWG file processing
  • File uploads of DWG files to web applications

SIEM Query:

process_name:dwgread AND (event_type:crash OR memory_violation)
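The version check from "How to Verify" and the SIEM logic above, as an added example (not part of the original advisory or of LibreDWG): it compares a version string from package-manager output against the fixed release 0.12.4, and scans constructed Linux kernel/systemd-coredump style log lines for dwgread crashes. The log formats and the sample lines are assumptions made for the demo.

```python
import re

# Constructed sample lines (not real logs): a kernel segfault record, a
# systemd-coredump record, an unrelated crash and a benign dwgread run.
SAMPLE_LOGS = [
    "kernel: dwgread[4123]: segfault at 7f3a1c00b000 ip 00007f3a1b9d2e10 "
    "sp 00007ffd2f6a1c40 error 4 in libredwg.so.0[7f3a1b900000+200000]",
    "systemd-coredump[4130]: Process 4123 (dwgread) of user 1000 dumped core.",
    "kernel: firefox[2211]: segfault at 0 ip 000055d2c1f0a0b0 sp 00007ffc1e4a2b10 "
    "error 6 in firefox[55d2c1e00000+400000]",
    "dwgread[4200]: read sample.dwg OK",
]

FIXED_VERSION = (0, 12, 4)  # from the advisory: fixed in 0.12.4 and later


def parse_version(text):
    """Extract the first x.y.z version from free text (e.g. package-manager
    output); returns a tuple of ints, or None if no version is present."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(x) for x in m.groups()) if m else None


def is_vulnerable_version(text):
    """True when the reported LibreDWG version is older than 0.12.4."""
    v = parse_version(text)
    return v is not None and v < FIXED_VERSION


# Assumed log shapes: kernel "segfault at" lines and systemd-coredump lines
# that name the dwgread process.
KERNEL_SEGFAULT = re.compile(r"\bdwgread\[(\d+)\]: segfault at")
COREDUMP = re.compile(r"Process (\d+) \(dwgread\) .*dumped core")


def find_dwgread_crashes(lines):
    """Return (pid, kind) for each line matching the advisory's SIEM logic:
    process_name:dwgread AND (crash OR memory violation)."""
    hits = []
    for line in lines:
        m = KERNEL_SEGFAULT.search(line)
        if m:
            hits.append((int(m.group(1)), "segfault"))
            continue
        m = COREDUMP.search(line)
        if m:
            hits.append((int(m.group(1)), "coredump"))
    return hits


if __name__ == "__main__":
    print(is_vulnerable_version("libredwg 0.12.3"))  # True
    print(find_dwgread_crashes(SAMPLE_LOGS))
```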
