CNNVD-202511-1359 Information

Nov 12, 2025 cve

CNNVD ID

CNNVD-202511-1359

CVE-2017-20211

CNNVD Published: 2025-11-12

Description (Chinese)

UCanCode E-XD++ Visualization Enterprise Suite是中国UCanCode公司的一个可视化开发组件。 UCanCode E-XD++ Visualization Enterprise Suite存在安全漏洞，该漏洞源于TKDRAWCAD.TKDrawCADCtrl.1 ActiveX控件中存在不受信任指针取消引用问题，可能导致远程代码执行。

Description (English)

UCande E-XD++ Vision Suite is a visual development component of UCanCode in China. There is a security loophole in UcanCode E-XD+ Visualization Enterprise Suite, which stems from the untrusted pointer cancellation of references in TKDRAWCAD.TKDrawCDCtrl.1 ActiveX controls, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

UCanCode

Published

2025-11-12

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-17-422/ https://www.ucancode.net/ https://www.vulncheck.com/advisories/ucancode-e-xd-visualization-enterprise-suite-untrusted-pointer-dereference-rce https://access.redhat.com/security/cve/cve-2017-20211

Share on: