CVE-2010-20114

UNKNOWN 0.0

VariCAD EN <= 2010-2.05 .dwb File Stack Buffer Overflow

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This flaw can be exploited locally by convincing a user to open a malicious file, resulting in arbitrary code execution.

CWE	CWE-121
Vendor	varicad
Product	varicad en
Published	Aug 21, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for varicad varicad en

Be the first to know when new unknown vulnerabilities affecting varicad varicad en are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

VariCAD / VariCAD EN

* ≤ 2010-2.05

References

NVD ↗ CVE.org ↗ EPSS Data ↗

raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/varicad_dwb.rb exploit-db.com: https://www.exploit-db.com/exploits/11789 broadcom.com: https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=26522 seebug.org: https://www.seebug.org/vuldb/ssvid-71154 varicad.com: https://www.varicad.com/en/home/ fortiguard.com: https://www.fortiguard.com/encyclopedia/ips/18735 vulncheck.com: https://www.vulncheck.com/advisories/varicad-en-dwb-file-stack-buffer-overflow

Credits

n00b