CVE-2021-34942: 
Bentley MicroStation CONNECT vulnerability analysis and mitigation

CVE-2021-34942 is a remote code execution vulnerability in Bentley View 10.15.0.75, discovered by Mat Powell of Trend Micro Zero Day Initiative and disclosed on December 8th, 2021. The vulnerability exists within the parsing of JT files and affects installations of Bentley View and MicroStation-based applications. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file (ZDI Advisory, Bentley Advisory).

The vulnerability is caused by a read past the end of an allocated buffer when parsing JT files. The CVSS v3.1 score is 7.8 HIGH with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, low attack complexity, no privileges required, user interaction required, and high impacts to confidentiality, integrity, and availability (ZDI Advisory).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code in the context of the current process. This could potentially give attackers the same rights and privileges as the compromised process (ZDI Advisory).

Bentley has released version 10.16.02.* to address this vulnerability. Users are recommended to update to the latest versions of MicroStation and MicroStation-based applications. As a general best practice, it is also recommended to only open JT files coming from trusted sources (Bentley Advisory).