A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Apr 2023, 16:06
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-190 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Autodesk autocad Mep
Autodesk autocad Plant 3d Autodesk autocad Map 3d Autodesk autocad Mechanical Autodesk autocad Lt Autodesk autocad Autodesk autocad Architecture Autodesk autocad Advance Steel Autodesk Autodesk autocad Electrical Autodesk autocad Civil 3d |
|
CPE | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* |
|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005 - Vendor Advisory |
14 Apr 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-14 19:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-27913
Mitre link : CVE-2023-27913
CVE.ORG link : CVE-2023-27913
JSON object : View
Products Affected
autodesk
- autocad_mep
- autocad
- autocad_civil_3d
- autocad_lt
- autocad_plant_3d
- autocad_map_3d
- autocad_advance_steel
- autocad_mechanical
- autocad_architecture
- autocad_electrical
CWE
CWE-190
Integer Overflow or Wraparound