Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionCVE.org
Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in MakeBSplineCurveCommon during STEP B-spline curve construction, and infinite recursion in StepShape_OrientedEdge::EdgeStart when processing a self-referential OrientedEdge entity. Successful exploitation may result in denial of service or unintended memory disclosure.
AnalysisAI
Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple out-of-bounds read vulnerabilities and infinite recursion flaws in its IGES and STEP file parsers that can be triggered by maliciously crafted CAD files, resulting in denial of service or memory disclosure. Local attackers with low privilege can exploit these issues without user interaction by supplying crafted IGES or STEP files to applications using OCCT. EPSS-based risk assessment indicates moderate exploitation probability; CISA SSVC framework rates this as non-automated with partial technical impact (denial of service and information disclosure).
Technical ContextAI
Open CASCADE Technology is a 3D modeling kernel library widely used in CAD applications for parsing and processing IGES (Initial Graphics Exchange Specification) and STEP (Standard for the Exchange of Product Data) file formats. The vulnerabilities reside in critical parsing components: Geom2d_BSplineCurve::EvalD0 (IGES B-spline evaluation), MakeBSplineCurveCommon (STEP B-spline construction), and StepShape_OrientedEdge::EdgeStart (STEP entity resolution). The root cause is CWE-125 (out-of-bounds read), combined with improper recursion handling in entity reference resolution. These are core geometric computation routines exposed to untrusted file input.
RemediationAI
Exact patch version information is not provided in available data. Contact Open CASCADE Technology or monitor https://github.com/Open-Cascade-SRL for security updates. As immediate compensating controls: (1) restrict file submission to OCCT-dependent applications to trusted sources only (blocks untrusted IGES/STEP file ingestion); (2) run OCCT services in a sandboxed or containerized environment with resource limits (mitigates denial of service impact); (3) validate IGES/STEP files against schema before parsing if possible, though this adds computational overhead and may not catch all malformed inputs. Until a patched version is released, consider disabling IGES/STEP parsing if not essential to application functionality, or implement strict file size and complexity limits to reduce parsing time.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26678