This year, Bentley is enacting a Common Vulnerability Exposure (CVE) program. Bentley strives to publish important security advisories that help our users mitigate risks for a subset of our desktop products. These advisory pages are Bentley's source of information to our user community for potential risks in our products. Although we generally recommend updating to the latest product versions, some advisories include more detailed information about risk mitigation and specifics of affected versions which should be reviewed before updating. Our advisories are often linked with CVE entries. This process, the information in the advisories, and the website are all subject to change.
List of advisories:
Advisory Number |
Title |
BE-2022-0009 |
SKP File Parsing Use-After-Free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2022-0008 |
OBJ File Parsing Stack Overflow vulnerabilities in MicroStation and MicroStation-based applications
|
BE-2022-0007 |
JP2 File Parsing Out-of-bounds Write in MicroStation and MicroStation-based applications |
BE-2022-0006 |
IFC File Parsing Vulnerabilities in MicroStation and MicroStation-based applications
|
BE-2022-0005 |
DXF File Parsing Out-of-bounds Read Vulnerabilities in MicroStation and MicroStation-based applications
|
BE-2022-0004 |
DGN File Parsing Out-of-bounds vulnerabilities in MicroStation and MicroStation-based applications
|
BE-2022-0003 |
3DS File Parsing Out-Of-Bounds Read in MicroStation and MicroStation-based applications
|
BE-2022-0002 |
3DM File Parsing Uninitialized Variable in MicroStation and MicroStation-based applications
|
BE-2022-0001 |
Use of Log4j in RenderFarm component for SYNCHRO 4D Pro and SYNCHRO Pro |
BE-2021-0015 |
Use of uninitialized memory in MicroStation and MicroStation-based applications |
BE-2021-0014 |
Use-after-free vulnerability in MicroStation and MicroStation-based applications |
BE-2021-0013 |
Out-of-bounds vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0012 |
Out-of-bounds read and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0011 |
Use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0010 |
Out-of-bounds read vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0009 |
Out-of-bounds vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0008 |
Out-of-bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0007 |
Out-of-bounds read vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0006 |
Out-of-Bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0005 |
Out-of-Bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0004 |
Out-of-bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0003 |
Out-of-bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0002 |
Out-of-bounds and use-after-free vulnerabilities in MicroStation and MicroStation-based applications |
BE-2021-0001 |
Out-of-Bounds Read in ContextCapture Viewer |