CVE-2022-28311: 
Bentley MicroStation CONNECT vulnerability analysis and mitigation

CVE-2022-28311 is a vulnerability discovered in Bentley MicroStation CONNECT version 10.16.02.034 and prior versions. The vulnerability was reported on January 21, 2022, and publicly disclosed on April 12, 2022. It affects the DXF file parsing functionality in MicroStation CONNECT and Bentley View applications. This vulnerability allows remote attackers to execute arbitrary code, though user interaction is required as the target must open a malicious file (ZDI Advisory).

The vulnerability exists within the parsing of DXF files, where crafted data can trigger a read past the end of an allocated buffer. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The local attack vector (AV:L) indicates that the attack must be launched from the same machine, while the user interaction required (UI:R) component indicates that exploitation requires user action (ZDI Advisory, Bentley Advisory).

Successful exploitation of this vulnerability allows an attacker to execute code in the context of the current process, potentially leading to complete control of the affected system. The vulnerability can result in information disclosure and could enable an attacker to read sensitive information in the context of the current process (ZDI Advisory).

Bentley has issued an update to correct this vulnerability. Users should update to version 10.16.03.* or more recent versions of MicroStation and MicroStation-based applications. As a general best practice, it is recommended to only open DXF files from trusted sources (Bentley Advisory).