A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Oct 2022, 13:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* |
|
First Time |
Autodesk
Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Map 3d Autodesk autocad Advance Steel Autodesk autocad Lt Autodesk autocad Electrical Autodesk autocad Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d |
|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 - Vendor Advisory | |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
03 Oct 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-03 15:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-33885
Mitre link : CVE-2022-33885
CVE.ORG link : CVE-2022-33885
JSON object : View
Products Affected
autodesk
- autocad_plant_3d
- autocad_electrical
- autocad_lt
- autocad_mep
- autocad_civil_3d
- autocad
- autocad_advance_steel
- autocad_mechanical
- autocad_map_3d
- autocad_architecture
CWE
CWE-787
Out-of-bounds Write