Search criteria
27 vulnerabilities found for infraworks by autodesk
FKIE_CVE-2023-29068
Vulnerability from fkie_nvd - Published: 2023-06-27 19:15 - Updated: 2024-11-21 07:56
Severity ?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"id": "CVE-2023-29068",
"lastModified": "2024-11-21T07:56:29.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T19:15:09.457",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-25004
Vulnerability from fkie_nvd - Published: 2023-06-27 19:15 - Updated: 2024-11-21 07:48
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"id": "CVE-2023-25004",
"lastModified": "2024-11-21T07:48:54.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T19:15:09.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-25003
Vulnerability from fkie_nvd - Published: 2023-06-23 19:15 - Updated: 2024-11-21 07:48
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"id": "CVE-2023-25003",
"lastModified": "2024-11-21T07:48:54.767",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-23T19:15:08.983",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-25005
Vulnerability from fkie_nvd - Published: 2023-05-12 21:15 - Updated: 2025-01-27 18:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2023.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED3976D-7AEB-4682-A992-39E3FFF21613",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5ED076-764C-400E-8DAD-7F9E0793FD7F",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "67C2219C-5B50-4E46-B1F0-68218F1E5AF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E5684221-8B7C-4ADA-A1A8-727E7F0F67BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "EB247C2B-8221-457A-99F9-39D75D4DB8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_6:*:*:*:*:*:*",
"matchCriteriaId": "E3E63C7B-C4A5-4722-88A5-6801AA086915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_7:*:*:*:*:*:*",
"matchCriteriaId": "8CBCFD6F-2195-48AA-B6A9-8EBB7BF1F047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_8:*:*:*:*:*:*",
"matchCriteriaId": "280DEA0C-EF21-4C54-8C9D-FC83152F2C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_9:*:*:*:*:*:*",
"matchCriteriaId": "533A6090-B202-49D4-B0C7-7C189EB282AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2023.1:-:*:*:*:*:*:*",
"matchCriteriaId": "71061947-E7CE-44C8-8DAE-779AEDBEC170",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability."
}
],
"id": "CVE-2023-25005",
"lastModified": "2025-01-27T18:15:33.127",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-12T21:15:09.220",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-40164
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Podr\u00eda producirse un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40164",
"lastModified": "2024-11-21T06:23:42.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.560",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40165
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Un archivo TIFF, PICT, TGA o RLC dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para escribir m\u00e1s all\u00e1 del b\u00fafer asignado mientras se analizan los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40165",
"lastModified": "2024-11-21T06:23:42.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.650",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40162
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Los archivos TIF, PICT, TGA o RLC dise\u00f1ados de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk pueden ser forzados a leer m\u00e1s all\u00e1 de los l\u00edmites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40162",
"lastModified": "2024-11-21T06:23:42.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40166
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "Un archivo PNG dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40166",
"lastModified": "2024-11-21T06:23:42.607",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.743",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40163
Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria puede conllevar a una ejecuci\u00f3n de c\u00f3digo mediante archivos DLL dise\u00f1ados de forma maliciosa por medio del componente de procesamiento de im\u00e1genes de Autodesk"
}
],
"id": "CVE-2021-40163",
"lastModified": "2024-11-21T06:23:42.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.460",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-29068 (GCVE-0-2023-29068)
Vulnerability from cvelistv5 – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:41
VLAI?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Severity ?
No CVSS data available.
CWE
- memory corruption vulnerability
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk products |
Affected:
2023, 2022, 2021, 2020
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:41:27.413833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:41:43.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29068",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-03-30T00:00:00",
"dateUpdated": "2024-12-05T14:41:43.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25004 (GCVE-0-2023-25004)
Vulnerability from cvelistv5 – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:40
VLAI?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
Severity ?
No CVSS data available.
CWE
- Integer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk products |
Affected:
2023, 2022, 2021, 2020
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:39:57.188378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:40:18.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25004",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T14:40:18.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25003 (GCVE-0-2023-25003)
Vulnerability from cvelistv5 – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:10
VLAI?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
Severity ?
No CVSS data available.
CWE
- out-of-bound read write / read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AutoCAD, Maya |
Affected:
2023, 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T17:09:59.558363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T17:10:10.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": " AutoCAD, Maya ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bound read write / read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25003",
"datePublished": "2023-06-23T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T17:10:10.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25005 (GCVE-0-2023-25005)
Vulnerability from cvelistv5 – Published: 2023-05-12 00:00 – Updated: 2025-01-27 17:43
VLAI?
Summary
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.
Severity ?
7.8 (High)
CWE
- Resource Injection
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk InfraWorks |
Affected:
2023, 2021
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:43:03.290093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T17:43:10.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk InfraWorks",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2021"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Resource Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T00:00:00.000Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25005",
"datePublished": "2023-05-12T00:00:00.000Z",
"dateReserved": "2023-02-01T00:00:00.000Z",
"dateUpdated": "2025-01-27T17:43:10.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40162 (GCVE-0-2021-40162)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Out-of-Band Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-Band Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40162",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40164 (GCVE-0-2021-40164)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Heap-based Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40164",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40163 (GCVE-0-2021-40163)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
Severity ?
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40163",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40166 (GCVE-0-2021-40166)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Use-After-Free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40166",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40165 (GCVE-0-2021-40165)
Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40165",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29068 (GCVE-0-2023-29068)
Vulnerability from nvd – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:41
VLAI?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Severity ?
No CVSS data available.
CWE
- memory corruption vulnerability
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk products |
Affected:
2023, 2022, 2021, 2020
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:41:27.413833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:41:43.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29068",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-03-30T00:00:00",
"dateUpdated": "2024-12-05T14:41:43.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25004 (GCVE-0-2023-25004)
Vulnerability from nvd – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:40
VLAI?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
Severity ?
No CVSS data available.
CWE
- Integer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk products |
Affected:
2023, 2022, 2021, 2020
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:39:57.188378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:40:18.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25004",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T14:40:18.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25003 (GCVE-0-2023-25003)
Vulnerability from nvd – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:10
VLAI?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
Severity ?
No CVSS data available.
CWE
- out-of-bound read write / read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AutoCAD, Maya |
Affected:
2023, 2022
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T17:09:59.558363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T17:10:10.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": " AutoCAD, Maya ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bound read write / read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25003",
"datePublished": "2023-06-23T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T17:10:10.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25005 (GCVE-0-2023-25005)
Vulnerability from nvd – Published: 2023-05-12 00:00 – Updated: 2025-01-27 17:43
VLAI?
Summary
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.
Severity ?
7.8 (High)
CWE
- Resource Injection
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk InfraWorks |
Affected:
2023, 2021
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:43:03.290093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T17:43:10.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk InfraWorks",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2021"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Resource Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T00:00:00.000Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25005",
"datePublished": "2023-05-12T00:00:00.000Z",
"dateReserved": "2023-02-01T00:00:00.000Z",
"dateUpdated": "2025-01-27T17:43:10.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40162 (GCVE-0-2021-40162)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Out-of-Band Read
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-Band Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40162",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40164 (GCVE-0-2021-40164)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Heap-based Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40164",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40163 (GCVE-0-2021-40163)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
Severity ?
No CVSS data available.
CWE
- Memory Corruption
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40163",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40166 (GCVE-0-2021-40166)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Use-After-Free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40166",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40165 (GCVE-0-2021-40165)
Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
VLAI?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40165",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}