As outlined in the Siemens Product Certification team's security report SSA-119468, a small number of vulnerabilities resulting from a manually derived, malicious file manipulation to force Keyshot to crash, such that a hacker could potentially gain access to and exploit the computer running the program.
Please Note:
There have been no actual reported cases of any issues associated with these vulnerabilities. If the recommended solution documented in the Siemens Product Certification security report (
SSA-119468) and the Luxion Security Advisory (
LSA-394129) are implemented, upgrading to KeyShot 10.2 will eliminate these vulnerabilities.
The worst-case outcome in these scenarios is the same as the worst case for any phishing attack. You are vulnerable to ransomware, loss of IP, loss of personal information, or general exposure of data on your system or network. As always, we encourage customers to provide appropriate network protections, utilize the concept of "defense-in-depth," and
don't open files from unknown or untrusted sources.
SFB-SOLID_EDGE-8549024
Product Information: