An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-282/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-22-289/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
16 Nov 2022, 04:07
Type | Values Removed | Values Added |
---|---|---|
First Time |
Autodesk autocad Architecture
Autodesk autocad Map 3d Autodesk civil 3d Autodesk autocad Lt Autodesk autocad Electrical Autodesk autocad Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk advance Steel |
|
CPE | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* |
07 Oct 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process. |
28 Feb 2022, 21:01
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-282/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-289/ - Third Party Advisory, VDB Entry |
10 Feb 2022, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2022, 21:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:autodesk:inventor:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2021:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2020:*:*:*:*:*:*:* |
|
First Time |
Autodesk inventor
Autodesk |
|
CWE | CWE-200 | |
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
25 Jan 2022, 20:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-25 20:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-40159
Mitre link : CVE-2021-40159
CVE.ORG link : CVE-2021-40159
JSON object : View
Products Affected
autodesk
- autocad_plant_3d
- autocad_electrical
- civil_3d
- autocad_lt
- autocad_mep
- inventor
- autocad
- autocad_mechanical
- advance_steel
- autocad_map_3d
- autocad_architecture
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor