CVE-2023-36272

8.8 HIGH

📋 TL;DR

LibreDWG versions 0.10 through 0.12.5 contain a heap buffer overflow vulnerability in the bit_utf8_to_TU function. This allows attackers to execute arbitrary code or cause denial of service by processing specially crafted DWG files. Users and applications that parse DWG files with vulnerable LibreDWG versions are affected.

💻 Affected Systems

Products:
  • LibreDWG
Versions: 0.10 to 0.12.5
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using LibreDWG library to parse DWG files is vulnerable. This includes CAD tools, file converters, and document management systems.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Application crash (denial of service) when processing malicious DWG files, potentially disrupting workflows.

🟢 If Mitigated: Limited to application crash if memory protections (ASLR, DEP) are effective, with no privilege escalation.

🌐 Internet-Facing: MEDIUM - Requires file upload/processing capability; not directly network exploitable.
🏢 Internal Only: MEDIUM - Internal users could exploit via malicious DWG files in shared drives or email attachments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious DWG file. No public exploit code is available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.12.6 and later

Vendor Advisory: https://github.com/LibreDWG/libredwg/commit/c1ed1d91e28a6ddc7a9b5479d4795d58fb6be0ca

Restart Required: No

Instructions:

1. Update LibreDWG to version 0.12.6 or later.
2. Recompile any applications using LibreDWG with the updated library.
3. Replace old library files with patched versions.

🔧 Temporary Workarounds

Disable DWG file processing (platforms: all)

Temporarily block or quarantine DWG files from untrusted sources.

Use alternative DWG parsers (platforms: all)

Switch to other DWG processing libraries like Teigha or Open Design Alliance.

🧯 If You Can't Patch

  • Implement strict file upload validation to reject suspicious DWG files.
  • Run LibreDWG in sandboxed/containerized environments with limited privileges.

🔍 How to Verify

Check if Vulnerable:

Check LibreDWG version: `dwgread --version` or examine library version in applications.

Check Version:

dwgread --version

Verify Fix Applied:

Confirm version is 0.12.6+ and test with known safe DWG files to ensure functionality.
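As an added example (not part of this advisory or of the LibreDWG project), a POSIX shell function that classifies a LibreDWG version string against the affected range 0.10 to 0.12.5, so the check can be scripted across many hosts instead of read by eye. It assumes `sort -V` is available and that `dwgread --version` prints the version on its first line; both are assumptions, and the version is extracted with a tolerant pattern for that reason.

```shell
#!/bin/sh
# Added example, not from the advisory or the LibreDWG project.
# Classifies a LibreDWG version string against the affected range
# 0.10 .. 0.12.5 (fixed in 0.12.6 according to the advisory).
# Assumptions: `sort -V` (version sort) exists; the first line of
# `dwgread --version` contains the version number somewhere.

# Exit status: 0 = affected, 1 = fixed (>= 0.12.6),
#              2 = older than 0.10, 3 = could not parse a version.
libredwg_affected() {
  # Keep only the first digits-and-dots run, dropping any trailing dots.
  v=$(printf '%s\n' "$1" | sed -n 's/^[^0-9]*\([0-9][0-9.]*\).*/\1/p' | sed 's/\.*$//')
  [ -n "$v" ] || return 3
  # Below 0.10? Then the smaller of the pair is not 0.10.
  lowest=$(printf '%s\n0.10\n' "$v" | sort -V | head -n 1)
  [ "$lowest" = "0.10" ] || return 2
  # At or above 0.12.6? Then the larger of the pair is v itself.
  highest=$(printf '%s\n0.12.6\n' "$v" | sort -V | tail -n 1)
  if [ "$highest" = "0.12.6" ] && [ "$v" != "0.12.6" ]; then
    return 0
  fi
  return 1
}

# Convenience wrapper: queries the installed dwgread (assumed CLI/output format)
# and prints a one-line verdict. Returns the same status codes as above.
check_installed_libredwg() {
  command -v dwgread >/dev/null 2>&1 || { echo "dwgread not on PATH" >&2; return 3; }
  reported=$(dwgread --version 2>&1 | head -n 1)
  rc=0
  libredwg_affected "$reported" || rc=$?
  case $rc in
    0) echo "AFFECTED by CVE-2023-36272: $reported" ;;
    1) echo "fixed (>= 0.12.6): $reported" ;;
    2) echo "older than the affected range: $reported" ;;
    *) echo "could not parse a version from: $reported" ;;
  esac
  return $rc
}
```

Run `check_installed_libredwg` on each host; a zero exit status marks a vulnerable install and is easy to feed into inventory tooling. The function-based form also lets you feed version strings collected elsewhere (package manager output, application About dialogs) without needing `dwgread` on the machine doing the checking.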

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults in bits.c
  • Memory corruption errors in system logs

Network Indicators:

  • Unusual file uploads of DWG files to web applications

SIEM Query:

source="application.log" AND "segmentation fault" AND "libredwg"
