A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0005 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
19 Apr 2022, 12:39
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0005 - Vendor Advisory | |
| First Time |
Autodesk autocad Map 3d
Autodesk autocad Autodesk autocad Electrical Autodesk civil 3d Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk autocad Lt Autodesk advance Steel Autodesk autocad Architecture Autodesk autocad Mechanical Autodesk |
|
| CPE | cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* |
|
| CWE | CWE-416 | |
| CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
11 Apr 2022, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-04-11 20:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-25789
Mitre link : CVE-2022-25789
CVE.ORG link : CVE-2022-25789
JSON object : View
Products Affected
autodesk
- autocad_electrical
- autocad_architecture
- civil_3d
- autocad_map_3d
- autocad_plant_3d
- autocad_mechanical
- advance_steel
- autocad
- autocad_lt
- autocad_mep
CWE
CWE-416
Use After Free