Out-of-bounds read in Paint 3D

#VU53896 Out-of-bounds read in Paint 3D

Published: 2021-06-08 | Updated: 2021-06-11

Vulnerability identifier: #VU53896

Vulnerability risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-31945

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Paint 3D
Client/Desktop applications / Office applications

Vendor: Microsoft

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary condition when processing GLB files in Paint 3D. A remote attacker can create a specially crafted GLB file, trick the victim into opening it, trigger out-of-bounds read error and execute arbitrary code on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Paint 3D: All versions

External links
http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31945
http://www.zerodayinitiative.com/advisories/ZDI-21-667/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Microsoft Paint 3D