Vulnerabilites related to autodesk - inventor
Vulnerability from fkie_nvd
Published
2023-06-27 19:15
Modified
2024-11-21 07:56
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009Vendor Advisory
Impacted products
Vendor Product Version
autodesk alias *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk maya_usd *
autodesk maya_usd *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk vred *


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5269098B-1C20-4754-99F9-0A6B97E1490D",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5829F52D-F61C-4B79-B724-3388B1B1723A",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "179FB815-E469-42A1-91CB-B766891C7552",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADE81778-A65F-4A23-BDAC-AC28434E0887",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5FC936E-91AC-4810-9A34-7384096A4922",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "731F5891-D398-49AE-BA04-179D9FD18ED2",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E009D956-E27B-435B-A308-9279A7DA2087",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07A37B8B-7345-463B-A074-D8C2F242A311",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "85F1017C-4552-4A97-B911-8785EF5DC9A6",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0982CCA5-8834-43D7-8596-F330D7A0A52B",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937A033-FDA2-461E-8697-2341A9DE23DB",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E60EF97-0AA1-480F-B03E-26709C58030F",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE681603-E303-4759-B301-37BACF233C76",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A021AB-AFB3-473C-8111-AB0C9D10C805",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9601144-D1E1-4F8A-A6C0-447E17F14337",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74942A53-8D7E-4706-B9C3-EB1C03488684",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B95D329-E683-4128-8FC4-300CA974F1F1",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
                     versionEndExcluding: "2022.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
                     versionEndExcluding: "2023.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB97A508-D0AC-47D2-8CA3-156063FFC136",
                     versionEndExcluding: "2021.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D35916C1-A782-42AC-B4D4-4131D8F430C3",
                     versionEndExcluding: "2022.4",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
                     versionEndExcluding: "2023.3.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8389D668-78CB-4CF9-85E0-E37A10D35698",
                     versionEndExcluding: "2022.5",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
                     versionEndExcluding: "2023.3",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB7E7583-0389-4959-B08E-BA433A32A84C",
                     versionEndExcluding: "2022.4",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E32A04AB-5C19-4328-9240-5A030E904726",
                     versionEndExcluding: "2023.2",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3392ACCC-079C-4AF8-A0A8-408711C9D094",
                     versionEndExcluding: "2021.1.8",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
                     versionEndExcluding: "2023.4",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.",
      },
   ],
   id: "CVE-2023-29068",
   lastModified: "2024-11-21T07:56:29.737",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-27T19:15:09.457",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-01-25 20:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002Vendor Advisory
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-282/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-289/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-282/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-289/Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
autodesk advance_steel *
autodesk autocad *
autodesk autocad_architecture *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk civil_3d *
autodesk inventor 2019
autodesk inventor 2020
autodesk inventor 2021
autodesk inventor 2022


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "82C21398-6A86-4E56-A98E-E80FFCC6732E",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0B62AB8-467B-4305-93C0-80F4ED72BFA0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2020:*:*:*:*:*:*:*",
                     matchCriteriaId: "521006E6-57DF-4E48-9D9B-70EED55DDC9D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C14111CD-085E-4B05-8FB6-2B2F871BE963",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "C67079A0-1C2B-45F9-91CC-74C685D31B67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de divulgación de información para archivos JT en Autodesk Inventor 2022, 2021, 2020, 2019 junto con otras vulnerabilidades puede conducir a la ejecución de código a través de archivos JT maliciosamente elaborados en el contexto del proceso actual",
      },
   ],
   id: "CVE-2021-40159",
   lastModified: "2024-11-21T06:23:41.587",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-01-25T20:15:08.327",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-282/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-289/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-282/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-289/",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-200",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
Impacted products
Vendor Product Version
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk fusion *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor 2021
autodesk infrastructure_parts_editor 2022
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2022.0
autodesk infraworks 2022.0
autodesk infraworks 2022.1
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk revit *
autodesk revit *
autodesk revit 2022
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis 2019
autodesk storm_and_sanitary_analysis 2022


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E84020-F179-4AF3-BF9C-6D27259B2847",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87941CE7-7F89-4A09-BBE8-A0D829273A63",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A416E4B-0910-45FB-B468-A6D159C6FD11",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD0B37E9-4987-4B96-9B31-6168961E1496",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "20371433-EA59-442E-947A-CF0A6AFD750C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "71FA0271-BE55-48AD-B88D-34645684E9DE",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77A1562A-07B8-4130-B319-1BE2800D8771",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E59ACB5-8745-46A8-889E-005DEA38925B",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "8FB94403-A063-4BDB-BE35-E198BF128709",
                     versionEndExcluding: "2020.3.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
                     versionEndExcluding: "2021.2.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "EEC464C9-D741-41B4-B460-B4305BCD83FA",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "230F8974-9613-4B58-8621-67CCE81E208C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9184783-2476-4ED0-9F05-CA2AC68446B3",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BAA6D71-2B11-4490-A1C4-652347582EF6",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F78C528-605C-46F3-8CF0-828B682745B3",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E140DC9-7000-48ED-A5C7-B23023DFB199",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C71A1AD7-4651-4FA9-9114-023E07DCB285",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "984491F0-8303-4C6C-B884-00C032D797DD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
                     matchCriteriaId: "213232B9-A40B-436D-A66A-B65C49D59BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
                     matchCriteriaId: "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
                     matchCriteriaId: "84ED1789-A17F-48F7-A152-09D2A5C59254",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
                     matchCriteriaId: "74819924-EB63-4BBF-9986-FEF6100EEE15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9DF065-576B-46B8-9F64-A16D9CB25398",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
                     versionEndExcluding: "2022.1.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
                     versionEndExcluding: "2.0.11405",
                     versionStartIncluding: "2.0.10356",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
                     versionEndExcluding: "2019.2.2",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27BA9C22-0044-429D-AD68-C040DF0E1E34",
                     versionEndExcluding: "2020.0.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C59A098D-F778-49BB-8B02-61DFA956D456",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "829ACB24-271D-440F-8723-FDAE2430373E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D46284-4E2E-4C56-B830-3C786D5A238F",
                     versionEndExcluding: "2019.3",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
                     versionEndExcluding: "2020.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "6974FEA3-2CDE-438D-A153-372A20E0338A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "3D85361A-B19D-444A-A075-73DF234C081B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "8F7898E8-E540-4775-943C-26A4A7A7BA60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
                     matchCriteriaId: "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "9A3FB713-593D-4CF4-97EE-10498DF3B008",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "7A1EAD58-4213-4340-9019-543A223C155D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "E8799159-8E69-4463-96D9-920E64A675B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "BAB28476-5965-441D-AAEF-F76F7C599F3F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "23B89172-71E0-482F-ABD9-E640EE18E1B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "C7E432F3-925E-4120-9568-F679302A26B2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
                     versionEndExcluding: "2019.6",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
                     versionEndExcluding: "2019.7",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD6A1944-2576-406F-8010-9080C68654D5",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34EEF338-800E-4350-BC57-815A4AC19523",
                     versionEndExcluding: "2019.2.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
                     versionEndExcluding: "2020.2.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E7B898-A0C4-4458-8389-3310A2A889AE",
                     versionEndExcluding: "2021.1.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
                     versionEndExcluding: "2020.3.1",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
                     versionEndExcluding: "2021.3.1",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC1FC52-ACBC-4119-B42E-0297375B4522",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Un archivo TIFF, PICT, TGA o RLC diseñado de forma maliciosa en el componente de procesamiento de imágenes de Autodesk puede usarse para escribir más allá del búfer asignado mientras se analizan los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario",
      },
   ],
   id: "CVE-2021-40165",
   lastModified: "2024-11-21T06:23:42.460",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-07T18:15:14.650",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-19 21:15
Modified
2024-11-21 06:53
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002Vendor Advisory
Impacted products
Vendor Product Version
autodesk advance_steel *
autodesk autocad *
autodesk autocad *
autodesk autocad_architecture *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk civil_3d *
autodesk inventor *


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
                     matchCriteriaId: "E3116E10-FB93-4EC7-957E-B130FE5153BF",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "8357611C-929E-407C-B4C8-6ED926E513C6",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
                     matchCriteriaId: "0DC17B10-E6E8-4D49-BDEF-DBC5097580C9",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "EEC464C9-D741-41B4-B460-B4305BCD83FA",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "82C21398-6A86-4E56-A98E-E80FFCC6732E",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Un archivo JT malicioso en Autodesk AutoCAD versión 2022 puede usarse para escribir más allá del búfer asignado mientras son analizados los archivos JT. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario",
      },
   ],
   id: "CVE-2022-25788",
   lastModified: "2024-11-21T06:53:00.200",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-19T21:15:18.650",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
References
cve@mitre.orghttp://secunia.com/advisories/18682Vendor Advisory
cve@mitre.orghttp://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232Patch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/16472
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/24460
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18682Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16472
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24460
Impacted products
Vendor Product Version
autodesk 3ds_max 7
autodesk architectural_desktop 2005
autodesk architectural_desktop 2006
autodesk autocad 2005
autodesk autocad 2006
autodesk autocad_civil_3d 2005
autodesk autocad_civil_3d 2006
autodesk autocad_electrical 2005
autodesk autocad_electrical 2006
autodesk autocad_lt 2005
autodesk autocad_lt 2006
autodesk autocad_mechanical 2005
autodesk autocad_mechanical 2006
autodesk building_systems 2005
autodesk building_systems 2006
autodesk civil_design 2005
autodesk inventor 9
autodesk inventor 10
autodesk land_desktop 2005
autodesk land_desktop 2006
autodesk map_3d 2005
autodesk map_3d 2006
autodesk raster_design 2005
autodesk raster_design 2006
autodesk revit 7
autodesk revit 8
autodesk revit_structure 6
autodesk revit_structure 8.1
autodesk survey 2005
autodesk survey 2006
autodesk utility_design 2005
autodesk viz 2006


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:3ds_max:7:*:*:*:*:*:*:*",
                     matchCriteriaId: "21F34A76-B1BD-45C7-9EFE-221F5E35985F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:architectural_desktop:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "791C4C7D-4D59-47DF-830E-314AF749489C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:architectural_desktop:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "03924CB2-0553-499F-A073-9C969BCEE92C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A1AE6F6-B9C4-412A-B917-9C5EC1DD0E69",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "AED452EF-ED18-4F7B-AE45-BE031AED42B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "19748367-BE4B-49F4-A505-A9C4E7CBC339",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BE81A33-FB05-4CE3-B871-2C108522872B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "F064E5F4-079C-4345-A16E-F5F7996EC5A3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "D002ED36-1612-43C5-9014-BF6360DB9D81",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF060231-C0C6-4B2F-B387-05E8AB1BF0CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "1312CE76-F9C6-4FED-ABC9-8C97FE69B071",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "45C3F280-B5FA-4BA6-ADFA-195C9D0D4155",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6A81BA6-CDEE-4BF4-B78B-C3FAA68D31EE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:building_systems:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B00278F-BB19-465F-A150-F14CBD665F08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:building_systems:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFD11268-AE49-4202-836E-322A35AF7B09",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:civil_design:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4A78C5B-EA4F-41B6-99AE-50F1D0A95619",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:9:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F754AD7-CEB4-404B-9FEC-2E719DFC3042",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:10:*:professional:*:*:*:*:*",
                     matchCriteriaId: "BC2BA958-9373-434E-BBBD-9954065AA790",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:land_desktop:2005:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "C40078F9-9DD0-40C0-A4DF-359AC401616F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:land_desktop:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4C9960-DFA8-4599-A362-684AC3BE08D7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:map_3d:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB7B41DE-6DD2-4A58-9575-E12774D772E0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:map_3d:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "C245344A-E89B-42A6-9105-3784DC043F30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:raster_design:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "7781D592-DB95-439C-B559-945CF300A645",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:raster_design:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAA56C0D-0317-4402-9275-06E27016E232",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:7:*:*:*:*:*:*:*",
                     matchCriteriaId: "FFF9AF1F-22F9-4920-BC9A-B6EAF43F54C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:8:*:*:*:*:*:*:*",
                     matchCriteriaId: "1EFE74F6-6BE6-4EE9-A713-495F4A193EA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit_structure:6:*:*:*:*:*:*:*",
                     matchCriteriaId: "18A5DA3B-7BB8-4D5B-8FA2-09ACE64142D7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit_structure:8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FA395F4-BC6A-4AF1-A3A2-D6CC8C3B732F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:survey:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "A028F3F2-2FD8-4456-B5F7-A58C35C9EDEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:survey:2006:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "5EBBD36A-2188-447A-ADB8-3E7F0C1575CA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:utility_design:2005:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAE1D0C9-AD53-41FF-835A-0353859F1FDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:viz:2006:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E24F53D-56AC-425A-B2B7-019206E211B7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user's computer,\" aka ID DL5549329.",
      },
   ],
   id: "CVE-2005-4710",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: true,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2005-12-31T05:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18682",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/16472",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18682",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/16472",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-06-23 19:15
Modified
2024-11-21 07:48
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009Vendor Advisory
Impacted products
Vendor Product Version
autodesk alias *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk maya_usd *
autodesk maya_usd *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk vred *


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5269098B-1C20-4754-99F9-0A6B97E1490D",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5829F52D-F61C-4B79-B724-3388B1B1723A",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "179FB815-E469-42A1-91CB-B766891C7552",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADE81778-A65F-4A23-BDAC-AC28434E0887",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5FC936E-91AC-4810-9A34-7384096A4922",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "731F5891-D398-49AE-BA04-179D9FD18ED2",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E009D956-E27B-435B-A308-9279A7DA2087",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07A37B8B-7345-463B-A074-D8C2F242A311",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "85F1017C-4552-4A97-B911-8785EF5DC9A6",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0982CCA5-8834-43D7-8596-F330D7A0A52B",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937A033-FDA2-461E-8697-2341A9DE23DB",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E60EF97-0AA1-480F-B03E-26709C58030F",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE681603-E303-4759-B301-37BACF233C76",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A021AB-AFB3-473C-8111-AB0C9D10C805",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9601144-D1E1-4F8A-A6C0-447E17F14337",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74942A53-8D7E-4706-B9C3-EB1C03488684",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B95D329-E683-4128-8FC4-300CA974F1F1",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
                     versionEndExcluding: "2022.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
                     versionEndExcluding: "2023.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB97A508-D0AC-47D2-8CA3-156063FFC136",
                     versionEndExcluding: "2021.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D35916C1-A782-42AC-B4D4-4131D8F430C3",
                     versionEndExcluding: "2022.4",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
                     versionEndExcluding: "2023.3.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8389D668-78CB-4CF9-85E0-E37A10D35698",
                     versionEndExcluding: "2022.5",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
                     versionEndExcluding: "2023.3",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB7E7583-0389-4959-B08E-BA433A32A84C",
                     versionEndExcluding: "2022.4",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E32A04AB-5C19-4328-9240-5A030E904726",
                     versionEndExcluding: "2023.2",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3392ACCC-079C-4AF8-A0A8-408711C9D094",
                     versionEndExcluding: "2021.1.8",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
                     versionEndExcluding: "2023.4",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.",
      },
   ],
   id: "CVE-2023-25003",
   lastModified: "2024-11-21T07:48:54.767",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-23T19:15:08.983",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
Impacted products
Vendor Product Version
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk fusion *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor 2021
autodesk infrastructure_parts_editor 2022
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2022.0
autodesk infraworks 2022.0
autodesk infraworks 2022.1
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk revit *
autodesk revit *
autodesk revit 2022
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis 2019
autodesk storm_and_sanitary_analysis 2022


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E84020-F179-4AF3-BF9C-6D27259B2847",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87941CE7-7F89-4A09-BBE8-A0D829273A63",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A416E4B-0910-45FB-B468-A6D159C6FD11",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD0B37E9-4987-4B96-9B31-6168961E1496",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "20371433-EA59-442E-947A-CF0A6AFD750C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "71FA0271-BE55-48AD-B88D-34645684E9DE",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77A1562A-07B8-4130-B319-1BE2800D8771",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E59ACB5-8745-46A8-889E-005DEA38925B",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "8FB94403-A063-4BDB-BE35-E198BF128709",
                     versionEndExcluding: "2020.3.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
                     versionEndExcluding: "2021.2.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "EEC464C9-D741-41B4-B460-B4305BCD83FA",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "230F8974-9613-4B58-8621-67CCE81E208C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9184783-2476-4ED0-9F05-CA2AC68446B3",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BAA6D71-2B11-4490-A1C4-652347582EF6",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F78C528-605C-46F3-8CF0-828B682745B3",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E140DC9-7000-48ED-A5C7-B23023DFB199",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C71A1AD7-4651-4FA9-9114-023E07DCB285",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "984491F0-8303-4C6C-B884-00C032D797DD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
                     matchCriteriaId: "213232B9-A40B-436D-A66A-B65C49D59BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
                     matchCriteriaId: "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
                     matchCriteriaId: "84ED1789-A17F-48F7-A152-09D2A5C59254",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
                     matchCriteriaId: "74819924-EB63-4BBF-9986-FEF6100EEE15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9DF065-576B-46B8-9F64-A16D9CB25398",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
                     versionEndExcluding: "2022.1.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
                     versionEndExcluding: "2.0.11405",
                     versionStartIncluding: "2.0.10356",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
                     versionEndExcluding: "2019.2.2",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27BA9C22-0044-429D-AD68-C040DF0E1E34",
                     versionEndExcluding: "2020.0.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C59A098D-F778-49BB-8B02-61DFA956D456",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "829ACB24-271D-440F-8723-FDAE2430373E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D46284-4E2E-4C56-B830-3C786D5A238F",
                     versionEndExcluding: "2019.3",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
                     versionEndExcluding: "2020.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "6974FEA3-2CDE-438D-A153-372A20E0338A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "3D85361A-B19D-444A-A075-73DF234C081B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "8F7898E8-E540-4775-943C-26A4A7A7BA60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
                     matchCriteriaId: "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "9A3FB713-593D-4CF4-97EE-10498DF3B008",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "7A1EAD58-4213-4340-9019-543A223C155D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "E8799159-8E69-4463-96D9-920E64A675B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "BAB28476-5965-441D-AAEF-F76F7C599F3F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "23B89172-71E0-482F-ABD9-E640EE18E1B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "C7E432F3-925E-4120-9568-F679302A26B2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
                     versionEndExcluding: "2019.6",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
                     versionEndExcluding: "2019.7",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD6A1944-2576-406F-8010-9080C68654D5",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34EEF338-800E-4350-BC57-815A4AC19523",
                     versionEndExcluding: "2019.2.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
                     versionEndExcluding: "2020.2.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E7B898-A0C4-4458-8389-3310A2A889AE",
                     versionEndExcluding: "2021.1.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
                     versionEndExcluding: "2020.3.1",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
                     versionEndExcluding: "2021.3.1",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC1FC52-ACBC-4119-B42E-0297375B4522",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Un archivo PNG diseñado de forma maliciosa en el componente de procesamiento de imágenes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar código arbitrario",
      },
   ],
   id: "CVE-2021-40166",
   lastModified: "2024-11-21T06:23:42.607",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-07T18:15:14.743",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
Impacted products
Vendor Product Version
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk fusion *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor 2021
autodesk infrastructure_parts_editor 2022
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2022.0
autodesk infraworks 2022.0
autodesk infraworks 2022.1
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk revit *
autodesk revit *
autodesk revit 2022
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis 2019
autodesk storm_and_sanitary_analysis 2022


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E84020-F179-4AF3-BF9C-6D27259B2847",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87941CE7-7F89-4A09-BBE8-A0D829273A63",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A416E4B-0910-45FB-B468-A6D159C6FD11",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD0B37E9-4987-4B96-9B31-6168961E1496",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "20371433-EA59-442E-947A-CF0A6AFD750C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "71FA0271-BE55-48AD-B88D-34645684E9DE",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77A1562A-07B8-4130-B319-1BE2800D8771",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E59ACB5-8745-46A8-889E-005DEA38925B",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "8FB94403-A063-4BDB-BE35-E198BF128709",
                     versionEndExcluding: "2020.3.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
                     versionEndExcluding: "2021.2.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "EEC464C9-D741-41B4-B460-B4305BCD83FA",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "230F8974-9613-4B58-8621-67CCE81E208C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9184783-2476-4ED0-9F05-CA2AC68446B3",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BAA6D71-2B11-4490-A1C4-652347582EF6",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F78C528-605C-46F3-8CF0-828B682745B3",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E140DC9-7000-48ED-A5C7-B23023DFB199",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C71A1AD7-4651-4FA9-9114-023E07DCB285",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "984491F0-8303-4C6C-B884-00C032D797DD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
                     matchCriteriaId: "213232B9-A40B-436D-A66A-B65C49D59BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
                     matchCriteriaId: "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
                     matchCriteriaId: "84ED1789-A17F-48F7-A152-09D2A5C59254",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
                     matchCriteriaId: "74819924-EB63-4BBF-9986-FEF6100EEE15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9DF065-576B-46B8-9F64-A16D9CB25398",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
                     versionEndExcluding: "2022.1.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
                     versionEndExcluding: "2.0.11405",
                     versionStartIncluding: "2.0.10356",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
                     versionEndExcluding: "2019.2.2",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27BA9C22-0044-429D-AD68-C040DF0E1E34",
                     versionEndExcluding: "2020.0.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C59A098D-F778-49BB-8B02-61DFA956D456",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "829ACB24-271D-440F-8723-FDAE2430373E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D46284-4E2E-4C56-B830-3C786D5A238F",
                     versionEndExcluding: "2019.3",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
                     versionEndExcluding: "2020.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "6974FEA3-2CDE-438D-A153-372A20E0338A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "3D85361A-B19D-444A-A075-73DF234C081B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "8F7898E8-E540-4775-943C-26A4A7A7BA60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
                     matchCriteriaId: "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "9A3FB713-593D-4CF4-97EE-10498DF3B008",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "7A1EAD58-4213-4340-9019-543A223C155D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "E8799159-8E69-4463-96D9-920E64A675B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "BAB28476-5965-441D-AAEF-F76F7C599F3F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "23B89172-71E0-482F-ABD9-E640EE18E1B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "C7E432F3-925E-4120-9568-F679302A26B2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
                     versionEndExcluding: "2019.6",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
                     versionEndExcluding: "2019.7",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD6A1944-2576-406F-8010-9080C68654D5",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34EEF338-800E-4350-BC57-815A4AC19523",
                     versionEndExcluding: "2019.2.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
                     versionEndExcluding: "2020.2.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E7B898-A0C4-4458-8389-3310A2A889AE",
                     versionEndExcluding: "2021.1.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
                     versionEndExcluding: "2020.3.1",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
                     versionEndExcluding: "2021.3.1",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC1FC52-ACBC-4119-B42E-0297375B4522",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Podría producirse un desbordamiento del búfer en la región heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario",
      },
   ],
   id: "CVE-2021-40164",
   lastModified: "2024-11-21T06:23:42.310",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-07T18:15:14.560",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-06-27 19:15
Modified
2024-11-21 07:48
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009Vendor Advisory
Impacted products
Vendor Product Version
autodesk alias *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk maya_usd *
autodesk maya_usd *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk vred *


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5269098B-1C20-4754-99F9-0A6B97E1490D",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5829F52D-F61C-4B79-B724-3388B1B1723A",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "179FB815-E469-42A1-91CB-B766891C7552",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADE81778-A65F-4A23-BDAC-AC28434E0887",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5FC936E-91AC-4810-9A34-7384096A4922",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "731F5891-D398-49AE-BA04-179D9FD18ED2",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E009D956-E27B-435B-A308-9279A7DA2087",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07A37B8B-7345-463B-A074-D8C2F242A311",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "85F1017C-4552-4A97-B911-8785EF5DC9A6",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0982CCA5-8834-43D7-8596-F330D7A0A52B",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B937A033-FDA2-461E-8697-2341A9DE23DB",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E60EF97-0AA1-480F-B03E-26709C58030F",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE681603-E303-4759-B301-37BACF233C76",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A021AB-AFB3-473C-8111-AB0C9D10C805",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9601144-D1E1-4F8A-A6C0-447E17F14337",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
                     versionEndExcluding: "2020.1.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
                     versionEndExcluding: "2021.1.3",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74942A53-8D7E-4706-B9C3-EB1C03488684",
                     versionEndExcluding: "2022.1.3",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B95D329-E683-4128-8FC4-300CA974F1F1",
                     versionEndExcluding: "2023.1.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
                     versionEndExcluding: "2022.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
                     versionEndExcluding: "2023.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB97A508-D0AC-47D2-8CA3-156063FFC136",
                     versionEndExcluding: "2021.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D35916C1-A782-42AC-B4D4-4131D8F430C3",
                     versionEndExcluding: "2022.4",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
                     versionEndExcluding: "2023.3.1",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8389D668-78CB-4CF9-85E0-E37A10D35698",
                     versionEndExcluding: "2022.5",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
                     versionEndExcluding: "2023.3",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB7E7583-0389-4959-B08E-BA433A32A84C",
                     versionEndExcluding: "2022.4",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E32A04AB-5C19-4328-9240-5A030E904726",
                     versionEndExcluding: "2023.2",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3392ACCC-079C-4AF8-A0A8-408711C9D094",
                     versionEndExcluding: "2021.1.8",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
                     versionEndExcluding: "2023.4",
                     versionStartIncluding: "2023",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.",
      },
   ],
   id: "CVE-2023-25004",
   lastModified: "2024-11-21T07:48:54.893",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-06-27T19:15:09.383",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
Impacted products
Vendor Product Version
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk fusion *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor 2021
autodesk infrastructure_parts_editor 2022
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2022.0
autodesk infraworks 2022.0
autodesk infraworks 2022.1
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk revit *
autodesk revit *
autodesk revit 2022
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis 2019
autodesk storm_and_sanitary_analysis 2022


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E84020-F179-4AF3-BF9C-6D27259B2847",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87941CE7-7F89-4A09-BBE8-A0D829273A63",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A416E4B-0910-45FB-B468-A6D159C6FD11",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD0B37E9-4987-4B96-9B31-6168961E1496",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "20371433-EA59-442E-947A-CF0A6AFD750C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "71FA0271-BE55-48AD-B88D-34645684E9DE",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77A1562A-07B8-4130-B319-1BE2800D8771",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E59ACB5-8745-46A8-889E-005DEA38925B",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "8FB94403-A063-4BDB-BE35-E198BF128709",
                     versionEndExcluding: "2020.3.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
                     versionEndExcluding: "2021.2.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "EEC464C9-D741-41B4-B460-B4305BCD83FA",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "230F8974-9613-4B58-8621-67CCE81E208C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9184783-2476-4ED0-9F05-CA2AC68446B3",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BAA6D71-2B11-4490-A1C4-652347582EF6",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F78C528-605C-46F3-8CF0-828B682745B3",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E140DC9-7000-48ED-A5C7-B23023DFB199",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C71A1AD7-4651-4FA9-9114-023E07DCB285",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "984491F0-8303-4C6C-B884-00C032D797DD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
                     matchCriteriaId: "213232B9-A40B-436D-A66A-B65C49D59BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
                     matchCriteriaId: "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
                     matchCriteriaId: "84ED1789-A17F-48F7-A152-09D2A5C59254",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
                     matchCriteriaId: "74819924-EB63-4BBF-9986-FEF6100EEE15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9DF065-576B-46B8-9F64-A16D9CB25398",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
                     versionEndExcluding: "2022.1.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
                     versionEndExcluding: "2.0.11405",
                     versionStartIncluding: "2.0.10356",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
                     versionEndExcluding: "2019.2.2",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27BA9C22-0044-429D-AD68-C040DF0E1E34",
                     versionEndExcluding: "2020.0.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C59A098D-F778-49BB-8B02-61DFA956D456",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "829ACB24-271D-440F-8723-FDAE2430373E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D46284-4E2E-4C56-B830-3C786D5A238F",
                     versionEndExcluding: "2019.3",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
                     versionEndExcluding: "2020.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "6974FEA3-2CDE-438D-A153-372A20E0338A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "3D85361A-B19D-444A-A075-73DF234C081B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "8F7898E8-E540-4775-943C-26A4A7A7BA60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
                     matchCriteriaId: "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "9A3FB713-593D-4CF4-97EE-10498DF3B008",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "7A1EAD58-4213-4340-9019-543A223C155D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "E8799159-8E69-4463-96D9-920E64A675B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "BAB28476-5965-441D-AAEF-F76F7C599F3F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "23B89172-71E0-482F-ABD9-E640EE18E1B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "C7E432F3-925E-4120-9568-F679302A26B2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
                     versionEndExcluding: "2019.6",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
                     versionEndExcluding: "2019.7",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD6A1944-2576-406F-8010-9080C68654D5",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34EEF338-800E-4350-BC57-815A4AC19523",
                     versionEndExcluding: "2019.2.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
                     versionEndExcluding: "2020.2.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E7B898-A0C4-4458-8389-3310A2A889AE",
                     versionEndExcluding: "2021.1.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
                     versionEndExcluding: "2020.3.1",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
                     versionEndExcluding: "2021.3.1",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC1FC52-ACBC-4119-B42E-0297375B4522",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Los archivos TIF, PICT, TGA o RLC diseñados de forma maliciosa en el componente de procesamiento de imágenes de Autodesk pueden ser forzados a leer más allá de los límites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar código arbitrario",
      },
   ],
   id: "CVE-2021-40162",
   lastModified: "2024-11-21T06:23:42.010",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-07T18:15:14.383",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-01-25 20:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002Vendor Advisory
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-281/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-283/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-284/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-285/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-286/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-287/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-288/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-441/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-443/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-444/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-445/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-447/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-448/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-449/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-450/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-451/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-452/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-453/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-454/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-455/Third Party Advisory, VDB Entry
psirt@autodesk.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-466/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-281/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-283/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-284/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-285/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-286/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-287/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-288/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-441/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-443/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-444/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-445/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-447/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-448/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-449/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-450/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-451/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-452/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-453/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-454/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-455/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-466/Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
autodesk advance_steel *
autodesk autocad *
autodesk autocad_architecture *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk civil_3d *
autodesk inventor *
autodesk inventor 2019
autodesk inventor 2020
autodesk inventor 2021


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "82C21398-6A86-4E56-A98E-E80FFCC6732E",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0B62AB8-467B-4305-93C0-80F4ED72BFA0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2020:*:*:*:*:*:*:*",
                     matchCriteriaId: "521006E6-57DF-4E48-9D9B-70EED55DDC9D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C14111CD-085E-4B05-8FB6-2B2F871BE963",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.",
      },
      {
         lang: "es",
         value: "Un archivo JT malicioso en Autodesk Inventor 2022, 2021, 2020, 2019 y AutoCAD 2022 puede ser forzado a leer más allá de los límites asignados cuando se analiza el archivo JT. Esta vulnerabilidad, junto con otras, podría conducir a la ejecución de código en el contexto del proceso actual",
      },
   ],
   id: "CVE-2021-40158",
   lastModified: "2024-11-21T06:23:41.380",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-01-25T20:15:08.283",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-281/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-283/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-284/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-285/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-286/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-287/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-288/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-441/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-443/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-444/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-445/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-447/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-448/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-449/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-450/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-451/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-452/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-453/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-454/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-455/",
      },
      {
         source: "psirt@autodesk.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-466/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-281/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-283/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-284/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-285/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-286/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-287/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-288/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-441/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-443/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-444/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-445/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-447/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-448/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-449/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-450/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-451/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-452/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-453/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-454/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-455/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-22-466/",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
References
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011Vendor Advisory
Impacted products
Vendor Product Version
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_advance_steel *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_civil_3d *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk design_review 2018
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk fusion *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor 2021
autodesk infrastructure_parts_editor 2022
autodesk infraworks *
autodesk infraworks *
autodesk infraworks *
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2019.3
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2020.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2021.2
autodesk infraworks 2022.0
autodesk infraworks 2022.0
autodesk infraworks 2022.1
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk inventor *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk navisworks *
autodesk revit *
autodesk revit *
autodesk revit *
autodesk revit 2022
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis *
autodesk storm_and_sanitary_analysis 2019
autodesk storm_and_sanitary_analysis 2022


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E84020-F179-4AF3-BF9C-6D27259B2847",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87941CE7-7F89-4A09-BBE8-A0D829273A63",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A416E4B-0910-45FB-B468-A6D159C6FD11",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD0B37E9-4987-4B96-9B31-6168961E1496",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "20371433-EA59-442E-947A-CF0A6AFD750C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "71FA0271-BE55-48AD-B88D-34645684E9DE",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77A1562A-07B8-4130-B319-1BE2800D8771",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E59ACB5-8745-46A8-889E-005DEA38925B",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "8FB94403-A063-4BDB-BE35-E198BF128709",
                     versionEndExcluding: "2020.3.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
                     versionEndExcluding: "2021.2.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
                     matchCriteriaId: "EEC464C9-D741-41B4-B460-B4305BCD83FA",
                     versionEndExcluding: "2022.2.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "230F8974-9613-4B58-8621-67CCE81E208C",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9184783-2476-4ED0-9F05-CA2AC68446B3",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "120326C3-E212-4341-A25D-BC3DD50CF228",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BAA6D71-2B11-4490-A1C4-652347582EF6",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F78C528-605C-46F3-8CF0-828B682745B3",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B117299A-C5FE-419F-9C1C-DF58A2772055",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E140DC9-7000-48ED-A5C7-B23023DFB199",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC178212-E440-46E9-9F00-60A5516D4D72",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C71A1AD7-4651-4FA9-9114-023E07DCB285",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "984491F0-8303-4C6C-B884-00C032D797DD",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
                     versionEndExcluding: "2022.1.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
                     matchCriteriaId: "213232B9-A40B-436D-A66A-B65C49D59BE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
                     matchCriteriaId: "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
                     matchCriteriaId: "84ED1789-A17F-48F7-A152-09D2A5C59254",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
                     matchCriteriaId: "74819924-EB63-4BBF-9986-FEF6100EEE15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
                     versionEndExcluding: "2019.1.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9DF065-576B-46B8-9F64-A16D9CB25398",
                     versionEndExcluding: "2020.1.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
                     versionEndExcluding: "2021.1.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
                     versionEndExcluding: "2022.1.1",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
                     versionEndExcluding: "2.0.11405",
                     versionStartIncluding: "2.0.10356",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
                     versionEndExcluding: "2019.2.2",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27BA9C22-0044-429D-AD68-C040DF0E1E34",
                     versionEndExcluding: "2020.0.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
                     matchCriteriaId: "C59A098D-F778-49BB-8B02-61DFA956D456",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "829ACB24-271D-440F-8723-FDAE2430373E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D46284-4E2E-4C56-B830-3C786D5A238F",
                     versionEndExcluding: "2019.3",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
                     versionEndExcluding: "2020.2",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE68AFE1-0F44-4B37-87E5-C7D658186425",
                     versionEndExcluding: "2021.2",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "6974FEA3-2CDE-438D-A153-372A20E0338A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "3D85361A-B19D-444A-A075-73DF234C081B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "8F7898E8-E540-4775-943C-26A4A7A7BA60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
                     matchCriteriaId: "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "9A3FB713-593D-4CF4-97EE-10498DF3B008",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "7A1EAD58-4213-4340-9019-543A223C155D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "E8799159-8E69-4463-96D9-920E64A675B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "BAB28476-5965-441D-AAEF-F76F7C599F3F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "23B89172-71E0-482F-ABD9-E640EE18E1B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "C7E432F3-925E-4120-9568-F679302A26B2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
                     versionEndExcluding: "2019.6",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
                     versionEndExcluding: "2019.7",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
                     versionEndExcluding: "2020.5",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD6A1944-2576-406F-8010-9080C68654D5",
                     versionEndExcluding: "2021.4",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
                     versionEndExcluding: "2022.2",
                     versionStartIncluding: "2022",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34EEF338-800E-4350-BC57-815A4AC19523",
                     versionEndExcluding: "2019.2.4",
                     versionStartIncluding: "2019",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
                     versionEndExcluding: "2020.2.6",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E7B898-A0C4-4458-8389-3310A2A889AE",
                     versionEndExcluding: "2021.1.5",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
                     versionEndExcluding: "2020.3.1",
                     versionStartIncluding: "2020",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
                     versionEndExcluding: "2021.3.1",
                     versionStartIncluding: "2021",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC1FC52-ACBC-4119-B42E-0297375B4522",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de corrupción de memoria puede conllevar a una ejecución de código mediante archivos DLL diseñados de forma maliciosa por medio del componente de procesamiento de imágenes de Autodesk",
      },
   ],
   id: "CVE-2021-40163",
   lastModified: "2024-11-21T06:23:42.163",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-07T18:15:14.460",
   references: [
      {
         source: "psirt@autodesk.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
      },
   ],
   sourceIdentifier: "psirt@autodesk.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

CVE-2024-7992 (GCVE-0-2024-7992)
Vulnerability from cvelistv5
Published
2024-10-29 21:50
Modified
2025-04-11 17:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021
Impacted products
Vendor Product Version
Autodesk AutoCAD Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD LT Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Architecture Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Electrical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MAP 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Mechanical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MEP Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Plant 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Civil 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Advance Steel Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk DWG TrueView Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Infrastructure Parts Editor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Inventor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Manage Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Simulate Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Revit Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Vault Basic Client Version: 2025   < 2025.1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7992",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-30T13:51:27.431632Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-30T15:00:32.444Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD LT",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Architecture",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Electrical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MAP 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Mechanical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MEP",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Plant 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Civil 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Advance Steel",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "DWG TrueView",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:infrastructure_parts_editor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Infrastructure Parts Editor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:inventor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Inventor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_manage:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Manage",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_simulate:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Simulate",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Revit",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:vault_basic_client:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Vault Basic Client",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<span style=\"background-color: rgb(255, 255, 255);\">A maliciously crafted DWG file, when parsed</span> <span style=\"background-color: rgb(255, 255, 255);\">through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>",
                  },
               ],
               value: "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-100",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-100 Overflow Buffers",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-121",
                     description: "CWE-121 Stack Overflow",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-11T17:00:32.199Z",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2024-7992",
      datePublished: "2024-10-29T21:50:13.232Z",
      dateReserved: "2024-08-19T21:37:08.684Z",
      dateUpdated: "2025-04-11T17:00:32.199Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-7991 (GCVE-0-2024-7991)
Vulnerability from cvelistv5
Published
2024-10-29 21:49
Modified
2025-04-11 16:59
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021
Impacted products
Vendor Product Version
Autodesk AutoCAD Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD LT Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Architecture Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Electrical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MAP 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Mechanical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MEP Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Plant 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Civil 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Advance Steel Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk DWG TrueView Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Infrastructure Parts Editor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Inventor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Manage Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Simulate Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Revit Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Vault Basic Client Version: 2025   < 2025.1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7991",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-30T13:51:28.629296Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-30T15:00:49.205Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD LT",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Architecture",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Electrical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MAP 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Mechanical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MEP",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Plant 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Civil 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Advance Steel",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "DWG TrueView",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:infrastructure_parts_editor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Infrastructure Parts Editor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:inventor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Inventor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_manage:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Manage",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_simulate:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Simulate",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Revit",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:vault_basic_client:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Vault Basic Client",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.",
                  },
               ],
               value: "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-100",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-100 Overflow Buffers",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-Bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-11T16:59:58.784Z",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2024-7991",
      datePublished: "2024-10-29T21:49:02.128Z",
      dateReserved: "2024-08-19T21:37:04.701Z",
      dateUpdated: "2025-04-11T16:59:58.784Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-9996 (GCVE-0-2024-9996)
Vulnerability from cvelistv5
Published
2024-10-29 21:45
Modified
2025-04-11 17:03
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021
Impacted products
Vendor Product Version
Autodesk AutoCAD Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD LT Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Architecture Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Electrical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MAP 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Mechanical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MEP Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Plant 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Civil 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Advance Steel Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk DWG TrueView Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Infrastructure Parts Editor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Inventor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Manage Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Simulate Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Revit Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Vault Basic Client Version: 2025   < 2025.1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9996",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-30T13:51:30.961199Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-30T15:01:08.447Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD LT",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Architecture",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Electrical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MAP 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Mechanical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MEP",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Plant 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Civil 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Advance Steel",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "DWG TrueView",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:infrastructure_parts_editor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Infrastructure Parts Editor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:inventor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Inventor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_manage:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Manage",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_simulate:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Simulate",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Revit",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:vault_basic_client:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Vault Basic Client",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.",
                  },
               ],
               value: "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-100",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-100 Overflow Buffers",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-Bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-11T17:03:05.766Z",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2024-9996",
      datePublished: "2024-10-29T21:45:17.527Z",
      dateReserved: "2024-10-15T13:39:36.931Z",
      dateUpdated: "2025-04-11T17:03:05.766Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-9997 (GCVE-0-2024-9997)
Vulnerability from cvelistv5
Published
2024-10-29 21:45
Modified
2025-04-04 20:46
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021
Impacted products
Vendor Product Version
Autodesk AutoCAD Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD LT Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Architecture Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Electrical Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Mechanical Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MEP Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Plant 3D Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Civil 3D Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Advance Steel Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk DWG TrueView Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Infrastructure Parts Editor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Inventor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Manage Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Simulate Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Revit Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Vault Basic Client Version: 2025   < 2025.1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9997",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-30T13:51:29.745174Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-30T15:00:57.856Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD LT",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Architecture",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Electrical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Mechanical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MEP",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Plant 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Civil 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Advance Steel",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "DWG TrueView",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:infrastructure_parts_editor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Infrastructure Parts Editor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:inventor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Inventor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_manage:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Manage",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_simulate:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Simulate",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Revit",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:vault_basic_client:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Vault Basic Client",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.<br>",
                  },
               ],
               value: "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-100",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-100 Overflow Buffers",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-120",
                     description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-04T20:46:33.247Z",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2024-9997",
      datePublished: "2024-10-29T21:45:59.005Z",
      dateReserved: "2024-10-15T13:39:39.800Z",
      dateUpdated: "2025-04-04T20:46:33.247Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40158 (GCVE-0-2021-40158)
Vulnerability from cvelistv5
Published
2022-01-25 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002
https://www.zerodayinitiative.com/advisories/ZDI-22-287/
https://www.zerodayinitiative.com/advisories/ZDI-22-283/
https://www.zerodayinitiative.com/advisories/ZDI-22-288/
https://www.zerodayinitiative.com/advisories/ZDI-22-286/
https://www.zerodayinitiative.com/advisories/ZDI-22-284/
https://www.zerodayinitiative.com/advisories/ZDI-22-285/
https://www.zerodayinitiative.com/advisories/ZDI-22-281/
https://www.zerodayinitiative.com/advisories/ZDI-22-449/
https://www.zerodayinitiative.com/advisories/ZDI-22-441/
https://www.zerodayinitiative.com/advisories/ZDI-22-453/
https://www.zerodayinitiative.com/advisories/ZDI-22-444/
https://www.zerodayinitiative.com/advisories/ZDI-22-447/
https://www.zerodayinitiative.com/advisories/ZDI-22-448/
https://www.zerodayinitiative.com/advisories/ZDI-22-452/
https://www.zerodayinitiative.com/advisories/ZDI-22-445/
https://www.zerodayinitiative.com/advisories/ZDI-22-466/
https://www.zerodayinitiative.com/advisories/ZDI-22-451/
https://www.zerodayinitiative.com/advisories/ZDI-22-454/
https://www.zerodayinitiative.com/advisories/ZDI-22-443/
https://www.zerodayinitiative.com/advisories/ZDI-22-450/
https://www.zerodayinitiative.com/advisories/ZDI-22-455/
Impacted products
Vendor Product Version
n/a Inventor Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.854Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-287/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-283/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-288/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-286/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-284/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-285/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-281/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-449/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-441/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-453/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-444/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-447/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-448/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-452/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-445/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-466/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-451/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-454/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-443/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-450/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-455/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Inventor",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Out-of-bounds Read",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-287/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-283/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-288/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-286/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-284/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-285/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-281/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-449/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-441/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-453/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-444/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-447/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-448/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-452/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-445/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-466/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-451/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-454/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-443/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-450/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-455/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40158",
      datePublished: "2022-01-25T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.854Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2005-4710 (GCVE-0-2005-4710)
Vulnerability from cvelistv5
Published
2006-02-10 11:00
Modified
2024-08-07 23:53
Severity ?
Summary
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
References
http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232x_refsource_CONFIRM
http://secunia.com/advisories/18682third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24460vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/16472vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T23:53:28.986Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232",
               },
               {
                  name: "18682",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18682",
               },
               {
                  name: "autodesk-gain-privileges(24460)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460",
               },
               {
                  name: "16472",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/16472",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2005-10-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user's computer,\" aka ID DL5549329.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-19T15:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232",
            },
            {
               name: "18682",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18682",
            },
            {
               name: "autodesk-gain-privileges(24460)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460",
            },
            {
               name: "16472",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/16472",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2005-4710",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user's computer,\" aka ID DL5549329.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232",
                     refsource: "CONFIRM",
                     url: "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232",
                  },
                  {
                     name: "18682",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18682",
                  },
                  {
                     name: "autodesk-gain-privileges(24460)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460",
                  },
                  {
                     name: "16472",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/16472",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2005-4710",
      datePublished: "2006-02-10T11:00:00",
      dateReserved: "2006-02-10T00:00:00",
      dateUpdated: "2024-08-07T23:53:28.986Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40166 (GCVE-0-2021-40166)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011
Impacted products
Vendor Product Version
n/a Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.562Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Use-After-Free",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40166",
      datePublished: "2022-10-07T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.562Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-25003 (GCVE-0-2023-25003)
Vulnerability from cvelistv5
Published
2023-06-23 00:00
Modified
2024-12-05 17:10
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009
Impacted products
Vendor Product Version
n/a AutoCAD, Maya Version: 2023, 2022
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:11:43.401Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-25003",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-05T17:09:59.558363Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-05T17:10:10.146Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: " AutoCAD, Maya ",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2023, 2022",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "out-of-bound read write / read",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-06-23T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2023-25003",
      datePublished: "2023-06-23T00:00:00",
      dateReserved: "2023-02-01T00:00:00",
      dateUpdated: "2024-12-05T17:10:10.146Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-8896 (GCVE-0-2024-8896)
Vulnerability from cvelistv5
Published
2024-10-29 21:43
Modified
2025-04-04 20:42
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021
Impacted products
Vendor Product Version
Autodesk AutoCAD Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD LT Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Architecture Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Electrical Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Mechanical Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MEP Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Plant 3D Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Civil 3D Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Advance Steel Version: 2025   < 2025.1.1
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk DWG TrueView Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Infrastructure Parts Editor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Inventor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Manage Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Simulate Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Revit Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Vault Basic Client Version: 2025   < 2025.1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-8896",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-30T13:51:33.412413Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-30T15:01:25.860Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD LT",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Architecture",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Electrical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Mechanical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MEP",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Plant 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Civil 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Advance Steel",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "DWG TrueView",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:infrastructure_parts_editor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Infrastructure Parts Editor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:inventor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Inventor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_manage:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Manage",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_simulate:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Simulate",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Revit",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:vault_basic_client:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Vault Basic Client",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A maliciously crafted DXF file when parsed in acdb25.dll&nbsp;through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",
                  },
               ],
               value: "A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-100",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-100 Overflow Buffers",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-908",
                     description: "CWE-908 Use of Uninitialized Resource",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-04T20:42:09.635Z",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2024-8896",
      datePublished: "2024-10-29T21:43:11.437Z",
      dateReserved: "2024-09-16T14:34:49.668Z",
      dateUpdated: "2025-04-04T20:42:09.635Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40162 (GCVE-0-2021-40162)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011
Impacted products
Vendor Product Version
n/a Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.539Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Out-of-Band Read",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40162",
      datePublished: "2022-10-07T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.539Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2024-9489 (GCVE-0-2024-9489)
Vulnerability from cvelistv5
Published
2024-10-29 21:44
Modified
2025-04-11 17:01
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021
Impacted products
Vendor Product Version
Autodesk AutoCAD Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD LT Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Architecture Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Electrical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MAP 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Mechanical Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD MEP Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk AutoCAD Plant 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Civil 3D Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk Advance Steel Version: 2025   < 2025.1.1
Version: 2024   < 2024.1.7
Version: 2023   < 2023.1.7
 Create a notification for this product.
   Autodesk DWG TrueView Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Infrastructure Parts Editor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Inventor Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Manage Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Navisworks Simulate Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Revit Version: 2025   < 2025.1.1
 Create a notification for this product.
   Autodesk Vault Basic Client Version: 2025   < 2025.1.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-9489",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-30T13:51:32.196438Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-30T15:01:17.148Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD LT",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Architecture",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Electrical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MAP 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Mechanical",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD MEP",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "AutoCAD Plant 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Civil 3D",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
                  "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Advance Steel",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2024.1.7",
                     status: "affected",
                     version: "2024",
                     versionType: "custom",
                  },
                  {
                     lessThan: "2023.1.7",
                     status: "affected",
                     version: "2023",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "DWG TrueView",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:infrastructure_parts_editor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Infrastructure Parts Editor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:inventor:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Inventor",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_manage:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Manage",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:navisworks_simulate:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Navisworks Simulate",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Revit",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
            {
               cpe: [
                  "cpe:2.3:a:autodesk:vault_basic_client:2025:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "Vault Basic Client",
               vendor: "Autodesk",
               versions: [
                  {
                     lessThan: "2025.1.1",
                     status: "affected",
                     version: "2025",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",
                  },
               ],
               value: "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-100",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-100 Overflow Buffers",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-119",
                     description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-04-11T17:01:56.252Z",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
         x_generator: {
            engine: "Vulnogram 0.2.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2024-9489",
      datePublished: "2024-10-29T21:44:39.027Z",
      dateReserved: "2024-10-03T18:19:18.769Z",
      dateUpdated: "2025-04-11T17:01:56.252Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40165 (GCVE-0-2021-40165)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011
Impacted products
Vendor Product Version
n/a Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.537Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Buffer Overflow",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40165",
      datePublished: "2022-10-07T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.537Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-25004 (GCVE-0-2023-25004)
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:40
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009
Impacted products
Vendor Product Version
n/a Autodesk products Version: 2023, 2022, 2021, 2020
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:11:43.391Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-25004",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-05T14:39:57.188378Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-05T14:40:18.983Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Autodesk products",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2023, 2022, 2021, 2020",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Integer Overflow",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-06-27T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2023-25004",
      datePublished: "2023-06-27T00:00:00",
      dateReserved: "2023-02-01T00:00:00",
      dateUpdated: "2024-12-05T14:40:18.983Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40164 (GCVE-0-2021-40164)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011
Impacted products
Vendor Product Version
n/a Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.502Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Heap-based Overflow",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40164",
      datePublished: "2022-10-07T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.502Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-29068 (GCVE-0-2023-29068)
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:41
Severity ?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009
Impacted products
Vendor Product Version
n/a Autodesk products Version: 2023, 2022, 2021, 2020
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T14:00:14.952Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-29068",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-05T14:41:27.413833Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-05T14:41:43.199Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Autodesk products",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2023, 2022, 2021, 2020",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "memory corruption vulnerability",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-06-27T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2023-29068",
      datePublished: "2023-06-27T00:00:00",
      dateReserved: "2023-03-30T00:00:00",
      dateUpdated: "2024-12-05T14:41:43.199Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40163 (GCVE-0-2021-40163)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011
Impacted products
Vendor Product Version
n/a Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.853Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Memory Corruption ",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40163",
      datePublished: "2022-10-07T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.853Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2022-25788 (GCVE-0-2022-25788)
Vulnerability from cvelistv5
Published
2022-04-19 20:26
Modified
2024-08-03 04:49
Severity ?
Summary
A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002x_refsource_MISC
Impacted products
Vendor Product Version
n/a Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D Version: 2022.1.1
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T04:49:43.514Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022.1.1",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Out-of-bound Write",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-19T20:26:31",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@autodesk.com",
               ID: "CVE-2022-25788",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "2022.1.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Out-of-bound Write",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
                     refsource: "MISC",
                     url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2022-25788",
      datePublished: "2022-04-19T20:26:31",
      dateReserved: "2022-02-22T00:00:00",
      dateUpdated: "2024-08-03T04:49:43.514Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-40159 (GCVE-0-2021-40159)
Vulnerability from cvelistv5
Published
2022-01-25 00:00
Modified
2024-08-04 02:27
Severity ?
Summary
An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002
https://www.zerodayinitiative.com/advisories/ZDI-22-282/
https://www.zerodayinitiative.com/advisories/ZDI-22-289/
Impacted products
Vendor Product Version
n/a Inventor Version: 2022, 2021, 2020, 2019
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T02:27:31.832Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-282/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-22-289/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Inventor",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "2022, 2021, 2020, 2019",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Information Disclosure",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-07T00:00:00",
            orgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
            shortName: "autodesk",
         },
         references: [
            {
               url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-282/",
            },
            {
               url: "https://www.zerodayinitiative.com/advisories/ZDI-22-289/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601",
      assignerShortName: "autodesk",
      cveId: "CVE-2021-40159",
      datePublished: "2022-01-25T00:00:00",
      dateReserved: "2021-08-27T00:00:00",
      dateUpdated: "2024-08-04T02:27:31.832Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}