CVE-2021-34930: 
Bentley MicroStation CONNECT vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2021-34930) was discovered in Bentley View version 10.15.0.75. The vulnerability was identified and reported by Mat Powell of Trend Micro Zero Day Initiative (ZDI-CAN-14908) and was disclosed on December 8, 2021. The flaw exists within the parsing of JT files, where crafted data can trigger a read past the end of an allocated buffer (ZDI Advisory, Bentley Advisory).

The vulnerability is classified as an out-of-bounds read vulnerability that can lead to remote code execution. It received a CVSS v3.1 score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity. The specific flaw occurs during the parsing of JT files, where maliciously crafted data can trigger a read operation that extends beyond the boundaries of an allocated buffer (ZDI Advisory).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code in the context of the current process. The attack requires user interaction, specifically opening a malicious file or visiting a malicious page. The high CVSS score reflects the potential for complete compromise of the system's confidentiality, integrity, and availability (ZDI Advisory).

Bentley has addressed this vulnerability in version 10.16.02.* and more recent releases of Bentley View. Users are recommended to update to the latest version of the software. As a general best practice, Bentley also recommends only opening JT files from trusted sources (Bentley Advisory).