CVE-2022-33885

{"id": "CVE-2022-33885", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-10-03T15:15:16.787", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020", "tags": ["Vendor Advisory"], "source": "psirt@autodesk.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution."}, {"lang": "es", "value": "Un archivo X_B, CATIA y PDF dise\u00f1ado de forma maliciosa cuando es analizado mediante Autodesk AutoCAD versiones 2023 y 2022, puede usarse para escribir m\u00e1s all\u00e1 del b\u00fafer asignado. Esta vulnerabilidad puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario"}], "lastModified": "2022-10-05T19:12:53.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684", "versionEndExcluding": "2022.1.3", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@autodesk.com"}