CVE-2020-6099 HIGH

CVE-2020-6099

Vendor Graphisoft
Product BIMx Desktop Viewer
Weakness CWE-680
Published April 18, 2022
Last update April 15, 2025

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An exploitable code execution vulnerability exists in the file format parsing functionality of Graphisoft BIMx Desktop Viewer 2019.2.2328. A specially crafted file can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.

Key dates

02Disclosure timeline

April 18, 2022 CVE published
April 15, 2025 Record updated