CVE-2020-28623
In short
A flaw in CGAL's polygon file parser allows attackers to craft malicious files that trigger out-of-bounds memory reads and type confusion, potentially leading to arbitrary code execution on systems processing these files.
Technical detail
CVE-2020-28623 stems from improper bounds checking in the Nef polygon-parsing functionality, specifically in SNC_io_parser<EW>::read_facet() in Nef_S2/SNC_io_parser.h. A specially crafted malformed input file can cause an out-of-bounds read and type confusion. An attacker can supply malicious polygon data to trigger the flaw, which could lead to code execution; no authentication or special privileges are required if the application processes untrusted files.
Summary generated and translated by AI from the official description.
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
CGAL Project · libcgal