A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Oct 2022, 13:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-755 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 - Vendor Advisory | |
CPE | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* |
|
First Time |
Autodesk
Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Map 3d Autodesk autocad Advance Steel Autodesk autocad Lt Autodesk autocad Electrical Autodesk autocad Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d |
03 Oct 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-03 15:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-33887
Mitre link : CVE-2022-33887
CVE.ORG link : CVE-2022-33887
JSON object : View
Products Affected
autodesk
- autocad_advance_steel
- autocad_architecture
- autocad_mep
- autocad_electrical
- autocad_lt
- autocad
- autocad_mechanical
- autocad_map_3d
- autocad_civil_3d
- autocad_plant_3d
CWE
CWE-755
Improper Handling of Exceptional Conditions