Search criteria
21 vulnerabilities found for infrastructure_parts_editor by autodesk
FKIE_CVE-2025-5039
Vulnerability from fkie_nvd - Published: 2025-07-24 17:15 - Updated: 2025-08-19 14:15
Severity ?
Summary
A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | infrastructure_parts_editor | * | |
| autodesk | inventor | * | |
| autodesk | navisworks_manage | * | |
| autodesk | navisworks_simulate | * | |
| autodesk | revit | * | |
| autodesk | vault | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03EE8BC1-4EC3-49E3-9C1C-CFBD8C531ECD",
"versionEndExcluding": "2026.0.2",
"versionStartIncluding": "2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7D5DEC-D172-49F2-89AE-9BFC5DFE98A6",
"versionEndExcluding": "2026.0.2",
"versionStartIncluding": "2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E916918-4CF5-4628-BD1B-C6FA94CBB353",
"versionEndExcluding": "2026.0.2",
"versionStartIncluding": "2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AB26D6-C349-48FB-9A09-C32C987904A8",
"versionEndExcluding": "2026.0.2",
"versionStartIncluding": "2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B92B643-9C29-4604-8967-EB7A238120AB",
"versionEndExcluding": "2026.0.2",
"versionStartIncluding": "2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA7B4A5-345D-47E2-B295-0AF2BE88C19E",
"versionEndExcluding": "2026.0.2",
"versionStartIncluding": "2026",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
},
{
"lang": "es",
"value": "Un archivo binario manipulado con fines malintencionados, cuando est\u00e1 presente durante la carga de archivos en ciertas aplicaciones de Autodesk, podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del proceso actual debido al uso de una ruta de b\u00fasqueda no confiable."
}
],
"id": "CVE-2025-5039",
"lastModified": "2025-08-19T14:15:40.773",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@autodesk.com",
"type": "Secondary"
}
]
},
"published": "2025-07-24T17:15:32.817",
"references": [
{
"source": "psirt@autodesk.com",
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "psirt@autodesk.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-1276
Vulnerability from fkie_nvd - Published: 2025-04-15 21:15 - Updated: 2025-08-19 13:15
Severity ?
Summary
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6635B2E-79F9-4E17-91DE-3147AEAAECD3",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0503B6-5889-44EA-82BD-8975C69DC4EF",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36B8EE53-5CD1-4CC9-9829-ED06BEB742C8",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
"matchCriteriaId": "BAA7DE4E-9D9D-4A3C-9813-1ECA420CA55D",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
"matchCriteriaId": "973B1CE6-8763-42F4-9E43-46CA1C0398FE",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
"matchCriteriaId": "6DF31D4A-4E66-4425-98C3-3A4172F27634",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5628D4-B66A-4D97-A079-0288AB4A78D1",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7063D783-E671-421A-99D2-AC6DFAAA298C",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDEB087-1A78-402D-A50F-64A172B941D3",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6F5A94-EE54-43B3-955F-7C3615D6E0E0",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC07F09-9A3B-4E9B-9A06-D9AC6DD82535",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F923BEB3-D0A6-4FB8-95CA-4AF1369FAB08",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
"matchCriteriaId": "3B8C034F-57BD-4F6D-B6F0-904FC1212CBB",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
"matchCriteriaId": "5A34FC4A-17E3-4F32-AF55-146A3E0A8D73",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
"matchCriteriaId": "DACE53EA-C06D-4BAD-A47C-2AD7D9BA3FC7",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E920B994-CFAF-4585-BBFB-5BB453BB091A",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88A19D6B-8863-4A0C-9422-53EF25653A22",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E858EBC9-08A6-480C-A896-C15A1D89FAF7",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9F716E-DA62-473B-8057-D5C1ED9A6068",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F24D151E-23F1-4EBF-8949-088F6A95C2F0",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6BBD42-FFD8-474D-8ABA-A614B5F74508",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78DB2C5D-9640-45E1-9D5C-12514E9C6C1B",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00A20CE8-64D8-4F4B-9BF8-84A5D691051E",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "939BC44C-8CF2-4BA7-AC06-71B679BDF69A",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54718FCB-A8EE-4852-B406-0D3A41633A4F",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC171BB-5A63-4D93-BAB4-E4C0743686C9",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD85595-32CE-4517-A17F-E3E48114EE6B",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC6A58E-5F08-4D92-8640-D21C24A34B85",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84402AA2-842C-4F45-BEEE-01B4399F8A2D",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E4D88D-B3B5-42A9-B3B6-E95BDCC1E805",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3814C7-89F1-4769-A667-8A941FECFECA",
"versionEndExcluding": "2023.1.7",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5615AA3-02AB-41E6-B207-C8E2BF14381B",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68D32CA8-DAE5-454E-9611-6DC7D39936B6",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACA58FE-046E-47D0-B091-58725ABC1D5E",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06EEA81D-D2D2-4553-8B50-7CF851D2F451",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2D3721-3DFB-4BF2-AB50-F7FB5D582DFB",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33271DFE-EA9E-470B-889C-920D7CC014D9",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C24857A-342D-4B37-89D7-BAD0C71D58F1",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3B7FDC4-BEC1-4F90-A112-6960176F6748",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28734A5D-CAEB-4F94-9892-DA3F45E3DA41",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72D634-D894-406F-81F0-2421BA22FFAD",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328F43A7-346C-4C9D-8153-74497327D053",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C38D944-8471-47A0-AFAC-ECA76CB58E57",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6486EE-BCC7-469A-B5B7-B9950B1DEF67",
"versionEndExcluding": "2024.1.7",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
"matchCriteriaId": "611BC4BF-41BF-46D9-ADB2-92B6CBAB9FBE",
"versionEndExcluding": "2025.1.2",
"versionStartIncluding": "2025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
},
{
"lang": "es",
"value": "Un archivo DWG manipulado con fines maliciosos, al analizarse mediante ciertas aplicaciones de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
}
],
"id": "CVE-2025-1276",
"lastModified": "2025-08-19T13:15:39.800",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@autodesk.com",
"type": "Secondary"
}
]
},
"published": "2025-04-15T21:15:47.320",
"references": [
{
"source": "psirt@autodesk.com",
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"source": "psirt@autodesk.com",
"url": "https://www.autodesk.com/products/dwg-trueview/overview"
},
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@autodesk.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-40162
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Los archivos TIF, PICT, TGA o RLC dise\u00f1ados de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk pueden ser forzados a leer m\u00e1s all\u00e1 de los l\u00edmites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40162",
"lastModified": "2024-11-21T06:23:42.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40166
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "Un archivo PNG dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40166",
"lastModified": "2024-11-21T06:23:42.607",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.743",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40164
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Podr\u00eda producirse un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40164",
"lastModified": "2024-11-21T06:23:42.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.560",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40165
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Un archivo TIFF, PICT, TGA o RLC dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para escribir m\u00e1s all\u00e1 del b\u00fafer asignado mientras se analizan los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40165",
"lastModified": "2024-11-21T06:23:42.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.650",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40163
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria puede conllevar a una ejecuci\u00f3n de c\u00f3digo mediante archivos DLL dise\u00f1ados de forma maliciosa por medio del componente de procesamiento de im\u00e1genes de Autodesk"
}
],
"id": "CVE-2021-40163",
"lastModified": "2024-11-21T06:23:42.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.460",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-5039 (GCVE-0-2025-5039)
Vulnerability from cvelistv5 – Published: 2025-07-24 17:11 – Updated: 2025-08-19 13:17
VLAI?
Title
Privilege Ecalation due to Untrusted Search Path Vulnerability
Summary
A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
Severity ?
7.8 (High)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Autodesk | AutoCAD |
Affected:
2026 , < 2026.1
(custom)
cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T03:55:30.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.0.2",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
}
],
"value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
}
],
"impacts": [
{
"capecId": "CAPEC-38",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-19T13:17:42.116Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-5039",
"datePublished": "2025-07-24T17:11:14.714Z",
"dateReserved": "2025-05-21T13:00:59.147Z",
"dateUpdated": "2025-08-19T13:17:42.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1276 (GCVE-0-2025-1276)
Vulnerability from cvelistv5 – Published: 2025-04-15 20:55 – Updated: 2025-10-07 20:54
VLAI?
Title
DWG File Parsing Out-of-Bounds Write Vulnerability
Summary
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity ?
7.8 (High)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Autodesk | AutoCAD |
Affected:
2025 , < 2025.1.2
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T03:55:45.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T20:54:16.150Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/dwg-trueview/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-1276",
"datePublished": "2025-04-15T20:55:04.255Z",
"dateReserved": "2025-02-13T15:16:31.469Z",
"dateUpdated": "2025-10-07T20:54:16.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40164 (GCVE-0-2021-40164)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Heap-based Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40164",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40162 (GCVE-0-2021-40162)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Out-of-Band Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-Band Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40162",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40163 (GCVE-0-2021-40163)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
Severity ?
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40163",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40165 (GCVE-0-2021-40165)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40165",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40166 (GCVE-0-2021-40166)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Use-After-Free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40166",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5039 (GCVE-0-2025-5039)
Vulnerability from nvd – Published: 2025-07-24 17:11 – Updated: 2025-08-19 13:17
VLAI?
Title
Privilege Ecalation due to Untrusted Search Path Vulnerability
Summary
A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
Severity ?
7.8 (High)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Autodesk | AutoCAD |
Affected:
2026 , < 2026.1
(custom)
cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5039",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T03:55:30.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.1",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2026.0.2",
"status": "affected",
"version": "2026",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
}
],
"value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
}
],
"impacts": [
{
"capecId": "CAPEC-38",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-19T13:17:42.116Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-5039",
"datePublished": "2025-07-24T17:11:14.714Z",
"dateReserved": "2025-05-21T13:00:59.147Z",
"dateUpdated": "2025-08-19T13:17:42.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1276 (GCVE-0-2025-1276)
Vulnerability from nvd – Published: 2025-04-15 20:55 – Updated: 2025-10-07 20:54
VLAI?
Title
DWG File Parsing Out-of-Bounds Write Vulnerability
Summary
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity ?
7.8 (High)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Autodesk | AutoCAD |
Affected:
2025 , < 2025.1.2
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T03:55:45.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T20:54:16.150Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/dwg-trueview/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-1276",
"datePublished": "2025-04-15T20:55:04.255Z",
"dateReserved": "2025-02-13T15:16:31.469Z",
"dateUpdated": "2025-10-07T20:54:16.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40164 (GCVE-0-2021-40164)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Heap-based Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40164",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40162 (GCVE-0-2021-40162)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Out-of-Band Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-Band Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40162",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40163 (GCVE-0-2021-40163)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
Severity ?
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40163",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40165 (GCVE-0-2021-40165)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40165",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40166 (GCVE-0-2021-40166)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Use-After-Free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40166",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}