CVE-2022-42900 is a high-severity vulnerability affecting Bentley MicroStation and MicroStation-based applications, including Bentley View. The vulnerability arises from out-of-bounds read issues triggered when the software opens specially crafted FBX files. FBX is a popular file format used for 3D modeling and animation data exchange. The out-of-bounds read (classified under CWE-125) can lead to memory corruption, which attackers can exploit to achieve information disclosure and potentially arbitrary code execution. This means an attacker could craft a malicious FBX file that, when opened by a vulnerable version of MicroStation or Bentley View, could execute code with the privileges of the user running the application. The vulnerability does not require prior authentication but does require user interaction, specifically opening a malicious file. The CVSS 3.1 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability, with low attack complexity and no privileges required. Fixed versions have been released: MicroStation 10.17.01.58 and Bentley View 10.17.01.19. No known exploits in the wild have been reported to date. Given the nature of the vulnerability, it poses a significant risk especially in environments where these applications are used to handle untrusted or externally sourced FBX files.

For European organizations, the impact of CVE-2022-42900 can be substantial, particularly for industries relying on Bentley MicroStation and related applications, such as architecture, engineering, construction, and infrastructure management. Exploitation could lead to unauthorized disclosure of sensitive design data, intellectual property theft, and disruption of critical design workflows. Code execution could allow attackers to deploy malware, move laterally within networks, or disrupt operations. Since these applications are often used in large infrastructure projects, successful exploitation could have cascading effects on project timelines and safety. Additionally, compromised systems could be leveraged for further attacks on corporate networks. The requirement for user interaction (opening a malicious file) means that phishing or social engineering could be vectors for exploitation. European organizations with stringent data protection regulations (e.g., GDPR) could face compliance risks if sensitive data is leaked due to this vulnerability.

1. Immediate application of patches: Organizations should upgrade MicroStation to version 10.17.01.58 and Bentley View to 10.17.01.19 or later as soon as possible. 2. Implement strict file handling policies: Restrict the opening of FBX files from untrusted or unknown sources. 3. Use sandboxing or isolated environments for opening potentially risky files to limit the impact of exploitation. 4. Enhance user awareness training to recognize phishing attempts and suspicious file attachments, reducing the risk of user-initiated exploitation. 5. Employ endpoint detection and response (EDR) solutions to monitor for anomalous behavior indicative of exploitation attempts. 6. Network segmentation: Limit the access of systems running MicroStation to critical network segments to reduce lateral movement potential. 7. Maintain up-to-date backups of critical design data to enable recovery in case of compromise. 8. Monitor vendor advisories and threat intelligence feeds for any emerging exploit activity related to this vulnerability.