CVE-2021-34928: 
Bentley MicroStation CONNECT vulnerability analysis and mitigation

CVE-2021-34928 is a vulnerability in Bentley View 10.15.0.75 that allows remote attackers to execute arbitrary code. The vulnerability was discovered by Mat Powell of Trend Micro Zero Day Initiative and was disclosed on December 8, 2021. The vulnerability affects Bentley View and MicroStation installations prior to version 10.16.02 (Vendor Advisory, ZDI Advisory).

The vulnerability exists within the parsing of JT files and is classified as an Out-of-Bounds Write (CWE-787). When parsing JT files, crafted data can trigger a write past the end of an allocated buffer. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (ZDI Advisory).

If successfully exploited, an attacker can leverage this vulnerability to execute code in the context of the current process. The vulnerability requires user interaction, as the target must visit a malicious page or open a malicious file (ZDI Advisory).

Bentley has released version 10.16.02 to address this vulnerability. Users are recommended to update to the latest versions of MicroStation and MicroStation-based applications. As a general best practice, it is also recommended to only open JT files coming from trusted sources (Vendor Advisory).