Login Sign Up

CVE-2021-46570

7.8 HIGH

📋 TL;DR

This vulnerability in Bentley View allows remote attackers to disclose sensitive information by exploiting improper memory initialization when parsing JT files. Attackers can combine this with other vulnerabilities to execute arbitrary code. Users of affected Bentley View versions who open malicious JT files or visit malicious web pages are at risk.

💻 Affected Systems

Products:
  • Bentley View
Versions: 10.16.0.80 and earlier versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in JT file parsing functionality; any installation using this feature is vulnerable.

📦 What is this software?

Microstation by Bentley

View all CVEs affecting Microstation →

Microstation Connect by Bentley

View all CVEs affecting Microstation Connect →

View by Bentley

View all CVEs affecting View →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠

Likely Case

Information disclosure and potential system compromise if combined with other vulnerabilities.

🟢

If Mitigated

Limited impact with proper file validation and user awareness preventing malicious file execution.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction (opening malicious file) and typically needs chaining with other vulnerabilities for full RCE.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to Bentley View version 10.16.1 or later

Vendor Advisory: https://www.bentley.com/en/common-vulnerability-exposure/BE-2021-0005

Restart Required: Yes

Instructions:

1. Download latest Bentley View installer from official Bentley website
2. Run installer and follow prompts
3. Restart system after installation completes
4. Verify version is 10.16.1 or higher

🔧 Temporary Workarounds

Disable JT file association

windows

Remove Bentley View as default handler for JT files to prevent automatic opening

Control Panel > Default Programs > Associate a file type or protocol with a program > Select .jt > Change program > Choose another application

Implement application whitelisting

windows

Restrict execution of Bentley View to trusted locations only

🧯 If You Can't Patch

  • Implement strict file validation policies to block untrusted JT files
  • Use network segmentation to isolate Bentley View systems from critical assets

🔍 How to Verify

Check if Vulnerable:

Check Bentley View version in Help > About; if version is 10.16.0.80 or earlier, system is vulnerable

Check Version:

Open Bentley View > Help > About

Verify Fix Applied:

Verify version is 10.16.1 or higher in Help > About dialog

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process crashes of Bentley View
  • Multiple failed JT file parsing attempts
  • Unusual file access patterns from Bentley View process

Network Indicators:

  • Outbound connections from Bentley View to unknown IPs
  • JT file downloads from untrusted sources

SIEM Query:

process_name="Bentley View" AND (event_id=1000 OR file_extension=".jt")

📊 Metadata

CVE ID: CVE-2021-46570
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-457
Published: February 18, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-46570, you might also want to check these:

CVE-2025-54874 9.8

This vulnerability in OpenJPEG allows an attacker to write data beyond allocated heap memory boundar...

Same vulnerability type (CWE-457)
CVE-2022-40510 9.8

CVE-2022-40510 is a critical memory corruption vulnerability in Qualcomm audio components that allow...

Same vulnerability type (CWE-457)
CVE-2022-21217 9.8

CVE-2022-21217 is a critical out-of-bounds write vulnerability in Reolink RLC-410W IP cameras that a...

Same vulnerability type (CWE-457)