A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability may be exploited to execute arbitrary code.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Apr 2022, 16:27
Type | Values Removed | Values Added |
---|---|---|
First Time |
Autodesk autocad Map 3d
Autodesk autocad Autodesk autocad Electrical Autodesk civil 3d Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk autocad Lt Autodesk advance Steel Autodesk autocad Architecture Autodesk autocad Mechanical Autodesk |
|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
CWE | CWE-787 | |
CPE | cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* |
18 Apr 2022, 17:45
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-18 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-27530
Mitre link : CVE-2022-27530
CVE.ORG link : CVE-2022-27530
JSON object : View
Products Affected
autodesk
- autocad_electrical
- autocad_architecture
- civil_3d
- autocad_map_3d
- autocad_plant_3d
- autocad_mechanical
- advance_steel
- autocad
- autocad_lt
- autocad_mep
CWE
CWE-787
Out-of-bounds Write