All the vulnerabilites related to autodesk - revit
cve-2023-25002
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:39
Severity ?
EPSS score ?
Summary
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:38:10.506379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:39:41.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25002",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T14:39:41.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7992
Vulnerability from cvelistv5
Published
2024-10-29 21:50
Modified
2024-11-15 21:35
Severity ?
EPSS score ?
Summary
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:27.431632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:00:32.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "AutoCAD",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Infrastructure Parts Editor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Inventor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Manage",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Simulate",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Vault Basic Client",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted DWG file, when parsed\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T21:35:26.842Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7992",
"datePublished": "2024-10-29T21:50:13.232Z",
"dateReserved": "2024-08-19T21:37:08.684Z",
"dateUpdated": "2024-11-15T21:35:26.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29068
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:41
Severity ?
EPSS score ?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Autodesk products |
Version: 2023, 2022, 2021, 2020 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:41:27.413833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:41:43.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29068",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-03-30T00:00:00",
"dateUpdated": "2024-12-05T14:41:43.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27871
Vulnerability from cvelistv5
Published
2022-06-21 14:23
Modified
2024-08-03 05:41
Severity ?
EPSS score ?
Summary
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Autodesk AutoCAD product suite, Revit, Design Review and Navisworks |
Version: 2022, 2021, 2020,2019 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:41:10.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk AutoCAD product suite, Revit, Design Review and Navisworks",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020,2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Buffer Overflow vul",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-21T14:23:33",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2022-27871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk AutoCAD product suite, Revit, Design Review and Navisworks",
"version": {
"version_data": [
{
"version_value": "2022, 2021, 2020,2019"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow vul"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2022-27871",
"datePublished": "2022-06-21T14:23:33",
"dateReserved": "2022-03-25T00:00:00",
"dateUpdated": "2024-08-03T05:41:10.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37008
Vulnerability from cvelistv5
Published
2024-08-21 10:02
Modified
2024-08-26 21:08
Severity ?
EPSS score ?
Summary
A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:revit_lt:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "revit_lt",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThanOrEqual": "2024.2.1",
"status": "affected",
"version": "2024",
"versionType": "semver"
},
{
"lessThanOrEqual": "2023.1.4",
"status": "affected",
"version": "2023",
"versionType": "semver"
},
{
"lessThanOrEqual": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T18:53:46.614281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T21:08:41.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025",
"versionType": "semver"
},
{
"lessThanOrEqual": "2024.2.1",
"status": "affected",
"version": "2024",
"versionType": "semver"
},
{
"lessThanOrEqual": "2023.1.4",
"status": "affected",
"version": "2023",
"versionType": "semver"
},
{
"lessThanOrEqual": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Revit LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025",
"versionType": "semver"
},
{
"lessThanOrEqual": "2024.2.1",
"status": "affected",
"version": "2024",
"versionType": "semver"
},
{
"lessThanOrEqual": "2023.1.4",
"status": "affected",
"version": "2023",
"versionType": "semver"
},
{
"lessThanOrEqual": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.\u003c/p\u003e"
}
],
"value": "A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T12:44:55.475Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0013"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack-based Overflow Vulnerability in Revit Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37008",
"datePublished": "2024-08-21T10:02:21.128Z",
"dateReserved": "2024-05-30T20:11:46.550Z",
"dateUpdated": "2024-08-26T21:08:41.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40160
Vulnerability from cvelistv5
Published
2021-12-23 18:31
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Navisworks, Autodesk\u00ae Advance Steel, AutoCAD\u00ae, AutoCAD\u00ae Architecture, AutoCAD\u00ae Electrical, AutoCAD\u00ae Map 3D, AutoCAD\u00ae Mechanical, AutoCAD\u00ae MEP, AutoCAD\u00ae Plant 3D, AutoCAD\u00ae LT, Autodesk\u00ae Civil 3D, AutoCAD\u00ae Mac, AutoCAD\u00ae LT for Mac",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to 9.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bound Read Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-18T16:20:48",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2021-40160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Revit, Navisworks, Autodesk\u00ae Advance Steel, AutoCAD\u00ae, AutoCAD\u00ae Architecture, AutoCAD\u00ae Electrical, AutoCAD\u00ae Map 3D, AutoCAD\u00ae Mechanical, AutoCAD\u00ae MEP, AutoCAD\u00ae Plant 3D, AutoCAD\u00ae LT, Autodesk\u00ae Civil 3D, AutoCAD\u00ae Mac, AutoCAD\u00ae LT for Mac",
"version": {
"version_data": [
{
"version_value": "prior to 9.0.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bound Read Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40160",
"datePublished": "2021-12-23T18:31:31",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9997
Vulnerability from cvelistv5
Published
2024-10-29 21:45
Modified
2024-11-15 21:41
Severity ?
EPSS score ?
Summary
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:29.745174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:00:57.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "AutoCAD",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Infrastructure Parts Editor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Inventor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Manage",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Simulate",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Vault Basic Client",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T21:41:09.391Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9997",
"datePublished": "2024-10-29T21:45:59.005Z",
"dateReserved": "2024-10-15T13:39:39.800Z",
"dateUpdated": "2024-11-15T21:41:09.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40164
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40164",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9996
Vulnerability from cvelistv5
Published
2024-10-29 21:45
Modified
2024-11-15 21:39
Severity ?
EPSS score ?
Summary
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:30.961199Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:08.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "AutoCAD",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Infrastructure Parts Editor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Inventor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Manage",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Simulate",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Vault Basic Client",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T21:39:50.983Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9996",
"datePublished": "2024-10-29T21:45:17.527Z",
"dateReserved": "2024-10-15T13:39:36.931Z",
"dateUpdated": "2024-11-15T21:39:50.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7994
Vulnerability from cvelistv5
Published
2024-10-16 21:47
Modified
2024-10-18 18:01
Severity ?
EPSS score ?
Summary
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:revit:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "revit",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
},
{
"status": "affected",
"version": "2025"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T17:59:24.381901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T18:01:01.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
},
{
"status": "affected",
"version": "2024"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRFA \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efile, when parsed through Autodesk \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRevit\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, can force a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e Stack-Based Buffer Overflow\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. A malicious actor can \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eleverage\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T21:47:51.258Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0017"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stack-Based Buffer Overflow Vulnerability in Autodesk Revit",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7994",
"datePublished": "2024-10-16T21:47:51.258Z",
"dateReserved": "2024-08-19T21:37:10.490Z",
"dateUpdated": "2024-10-18T18:01:01.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40161
Vulnerability from cvelistv5
Published
2021-12-23 18:31
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Navisworks, Autodesk\u00ae Advance Steel, AutoCAD\u00ae, AutoCAD\u00ae Architecture, AutoCAD\u00ae Electrical, AutoCAD\u00ae Map 3D, AutoCAD\u00ae Mechanical, AutoCAD\u00ae MEP, AutoCAD\u00ae Plant 3D, AutoCAD\u00ae LT, Autodesk\u00ae Civil 3D, AutoCAD\u00ae Mac, AutoCAD\u00ae LT for Mac",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to 9.0.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-18T16:20:49",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2021-40161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Revit, Navisworks, Autodesk\u00ae Advance Steel, AutoCAD\u00ae, AutoCAD\u00ae Architecture, AutoCAD\u00ae Electrical, AutoCAD\u00ae Map 3D, AutoCAD\u00ae Mechanical, AutoCAD\u00ae MEP, AutoCAD\u00ae Plant 3D, AutoCAD\u00ae LT, Autodesk\u00ae Civil 3D, AutoCAD\u00ae Mac, AutoCAD\u00ae LT for Mac",
"version": {
"version_data": [
{
"version_value": "prior to 9.0.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40161",
"datePublished": "2021-12-23T18:31:43",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40162
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D |
Version: 2022, 2021, 2020, 2019 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-Band Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40162",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40163
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D |
Version: 2022, 2021, 2020, 2019 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40163",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-8896
Vulnerability from cvelistv5
Published
2024-10-29 21:43
Modified
2024-11-15 21:37
Severity ?
EPSS score ?
Summary
A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:33.412413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:25.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "AutoCAD",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Infrastructure Parts Editor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Inventor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Manage",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Simulate",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Vault Basic Client",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DXF file when parsed in acdb25.dll\u0026nbsp;through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DXF file when parsed in acdb25.dll\u00a0through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T21:37:12.563Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8896",
"datePublished": "2024-10-29T21:43:11.437Z",
"dateReserved": "2024-09-16T14:34:49.668Z",
"dateUpdated": "2024-11-15T21:37:12.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-11268
Vulnerability from cvelistv5
Published
2024-12-09 17:42
Modified
2024-12-09 18:07
Severity ?
EPSS score ?
Summary
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11268",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T18:07:50.635674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T18:07:57.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
},
{
"status": "affected",
"version": "2024"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T17:42:15.362Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PDF File Parsing Vulnerability in Autodesk Revit",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-11268",
"datePublished": "2024-12-09T17:42:15.362Z",
"dateReserved": "2024-11-15T17:53:44.142Z",
"dateUpdated": "2024-12-09T18:07:57.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4710
Vulnerability from cvelistv5
Published
2006-02-10 11:00
Modified
2024-08-07 23:53
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
References
| ▼ | URL | Tags |
|---|---|---|
| http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/18682 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24460 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/16472 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:53:28.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
},
{
"name": "18682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18682"
},
{
"name": "autodesk-gain-privileges(24460)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
},
{
"name": "16472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16472"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
},
{
"name": "18682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18682"
},
{
"name": "autodesk-gain-privileges(24460)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
},
{
"name": "16472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16472"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232",
"refsource": "CONFIRM",
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
},
{
"name": "18682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18682"
},
{
"name": "autodesk-gain-privileges(24460)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
},
{
"name": "16472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16472"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4710",
"datePublished": "2006-02-10T11:00:00",
"dateReserved": "2006-02-10T00:00:00",
"dateUpdated": "2024-08-07T23:53:28.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-11608
Vulnerability from cvelistv5
Published
2024-12-09 17:53
Modified
2024-12-09 18:05
Severity ?
EPSS score ?
Summary
A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "revit",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11608",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T18:03:53.476189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T18:05:18.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T17:53:18.804Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0026"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-11608",
"datePublished": "2024-12-09T17:53:18.804Z",
"dateReserved": "2024-11-21T20:20:48.343Z",
"dateUpdated": "2024-12-09T18:05:18.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7993
Vulnerability from cvelistv5
Published
2024-10-16 21:47
Modified
2024-10-17 16:19
Severity ?
EPSS score ?
Summary
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "revit",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2024.2.2",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.3",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T16:17:26.757982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T16:19:18.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
},
{
"status": "affected",
"version": "2024"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePDF \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efile, when parsed through Autodesk \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRevit\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, can force an Out-of-Bounds Write. A malicious actor can \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eleverage\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e this vulnerability to cause a crash, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ewrite \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T21:47:31.739Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0018"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-Bounds Write Vulnerability in Autodesk Revit",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7993",
"datePublished": "2024-10-16T21:47:31.739Z",
"dateReserved": "2024-08-19T21:37:09.626Z",
"dateUpdated": "2024-10-17T16:19:18.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-11454
Vulnerability from cvelistv5
Published
2024-12-09 17:48
Modified
2024-12-09 18:07
Severity ?
EPSS score ?
Summary
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "revit",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T18:05:41.484045Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T18:07:39.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized."
}
],
"impacts": [
{
"capecId": "CAPEC-471",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-471 Search Order Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T17:48:30.983Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0025"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Untrusted Search Path vulnerability in Autodesk Revit",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-11454",
"datePublished": "2024-12-09T17:48:30.983Z",
"dateReserved": "2024-11-19T20:14:29.710Z",
"dateUpdated": "2024-12-09T18:07:39.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9489
Vulnerability from cvelistv5
Published
2024-10-29 21:44
Modified
2024-11-15 21:38
Severity ?
EPSS score ?
Summary
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:32.196438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:17.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "AutoCAD",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Infrastructure Parts Editor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Inventor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Manage",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Simulate",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Vault Basic Client",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T21:38:35.308Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9489",
"datePublished": "2024-10-29T21:44:39.027Z",
"dateReserved": "2024-10-03T18:19:18.769Z",
"dateUpdated": "2024-11-15T21:38:35.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-25004
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:40
Severity ?
EPSS score ?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Autodesk products |
Version: 2023, 2022, 2021, 2020 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:39:57.188378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:40:18.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25004",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T14:40:18.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-7991
Vulnerability from cvelistv5
Published
2024-10-29 21:49
Modified
2024-11-15 21:41
Severity ?
EPSS score ?
Summary
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:28.629296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:00:49.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "AutoCAD",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Infrastructure Parts Editor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Inventor",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Manage",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Navisworks Simulate",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Revit",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Vault Basic Client",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDW\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eG\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e f\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eile,\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ewhen parsed\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough Autodesk \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAutoCAD\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e and certain AutoCAD-based products,\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e can force an Out-of-Bound\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e Write. A malicious actor can \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003el\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eeverage\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethis vulnerability to cause a crash, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eread\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e sensitive data, or execute arbitrary code in the context of the current process. \u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T21:41:39.238Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7991",
"datePublished": "2024-10-29T21:49:02.128Z",
"dateReserved": "2024-08-19T21:37:04.701Z",
"dateUpdated": "2024-11-15T21:41:39.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40165
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D |
Version: 2022, 2021, 2020, 2019 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40165",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-25003
Vulnerability from cvelistv5
Published
2023-06-23 00:00
Modified
2024-12-05 17:10
Severity ?
EPSS score ?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | AutoCAD, Maya |
Version: 2023, 2022 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T17:09:59.558363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T17:10:10.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": " AutoCAD, Maya ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bound read write / read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25003",
"datePublished": "2023-06-23T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T17:10:10.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40166
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D |
Version: 2022, 2021, 2020, 2019 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2022, 2021, 2020, 2019"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-After-Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-40166",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
Summary
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | fusion | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | 2021 | |
| autodesk | infrastructure_parts_editor | 2022 | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.1 | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | 2022 | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | 2019 | |
| autodesk | storm_and_sanitary_analysis | 2022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Los archivos TIF, PICT, TGA o RLC dise\u00f1ados de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk pueden ser forzados a leer m\u00e1s all\u00e1 de los l\u00edmites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40162",
"lastModified": "2024-11-21T06:23:42.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-23 19:15
Modified
2024-11-21 06:23
Severity ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | advance_steel | * | |
| autodesk | advance_steel | * | |
| autodesk | advance_steel | * | |
| autodesk | advance_steel | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | civil_3d | * | |
| autodesk | civil_3d | * | |
| autodesk | civil_3d | * | |
| autodesk | civil_3d | * | |
| autodesk | autocad | * | |
| autodesk | autocad | 2020 | |
| autodesk | autocad | 2021 | |
| autodesk | autocad | 2022 | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | 2020 | |
| autodesk | autocad_lt | 2021 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8579FBF7-DA4C-48D2-8F9A-2D96D1CBF9A0",
"versionEndExcluding": "2020.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26E05A0E-6DBE-4DC0-A491-2A4419EA8835",
"versionEndExcluding": "2021.1.6",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F027164-A465-47C3-B92C-56A9D8759905",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFAEAD3-55FC-4918-8B74-B78975266C82",
"versionEndExcluding": "2019.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5C1908-9829-46DE-881F-57277490BE71",
"versionEndExcluding": "2020.4",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE821566-76A8-43D6-9628-B82CFE9FAC19",
"versionEndExcluding": "2021.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63ABBBCD-A869-47D6-BBBF-30E03F0DCC33",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "525AD44E-386E-42C9-8B2E-90F29855DF4A",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDC63B1-6EA4-48C6-998A-A86A82A74BD4",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0203EC49-7943-4759-B62D-334FAF6B7A83",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E40E1E-9B7F-4DB9-BB85-2832297135BC",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D23CAABD-FB77-4365-B7BC-4330315672AA",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BA4DE9-CCBC-4A08-B6C8-F50490BA2283",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8167B5BF-1B06-414F-9088-A126D7C06515",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "117BA468-7345-4FEA-A0E3-D4110F7472C3",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8E7984-95F9-4FF4-AEBB-D60DF9F83D65",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A9231D-C524-49F5-A8D1-7D70D8034F5D",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1885BB08-EF19-4780-92F0-1ED4B18F0DB3",
"versionEndExcluding": "2019.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4E278B-360E-4F00-8479-9531EB417269",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AEF72-23CC-45D9-B391-8A3D79DAB5BA",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82C21398-6A86-4E56-A98E-E80FFCC6732E",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "9E2CC26F-F7B5-4BA6-A243-B22A37347A42",
"versionEndExcluding": "2022.2",
"versionStartExcluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:macos:*:*",
"matchCriteriaId": "5EF0E224-30B2-4A78-89A8-036304BBCE48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:macos:*:*",
"matchCriteriaId": "2FB00DBF-2EC2-433F-9987-189729A46314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:macos:*:*",
"matchCriteriaId": "68FC54D1-B4FC-404E-9742-72F8340FE3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "FF16B57E-C704-43BE-94F5-F09493257323",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:macos:*:*",
"matchCriteriaId": "FC750C20-98CA-401E-B0AF-5013CE9CB319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2021:*:*:*:*:macos:*:*",
"matchCriteriaId": "164EB7AD-8B17-48E1-A73D-5E5D0012B360",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "100922EF-C773-4798-B352-B16FCAD48F36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria puede conducir a la ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de archivos DLL maliciosamente dise\u00f1ados a trav\u00e9s de PDFTron anterior a la versi\u00f3n 9.0.7"
}
],
"id": "CVE-2021-40161",
"lastModified": "2024-11-21T06:23:41.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-23T19:15:12.167",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-21 15:15
Modified
2024-11-21 06:56
Severity ?
Summary
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | 3ds_max | 2021 | |
| autodesk | 3ds_max | 2022 | |
| autodesk | advance_steel | 2019 | |
| autodesk | advance_steel | 2020 | |
| autodesk | advance_steel | 2021 | |
| autodesk | advance_steel | 2022 | |
| autodesk | autocad | 2019 | |
| autodesk | autocad | 2020 | |
| autodesk | autocad | 2021 | |
| autodesk | autocad | 2022 | |
| autodesk | autocad | 2022 | |
| autodesk | autocad_architecture | 2019 | |
| autodesk | autocad_architecture | 2020 | |
| autodesk | autocad_architecture | 2021 | |
| autodesk | autocad_architecture | 2022 | |
| autodesk | autocad_civil_3d | 2019 | |
| autodesk | autocad_civil_3d | 2020 | |
| autodesk | autocad_civil_3d | 2021 | |
| autodesk | autocad_civil_3d | 2022 | |
| autodesk | autocad_electrical | 2019 | |
| autodesk | autocad_electrical | 2020 | |
| autodesk | autocad_electrical | 2021 | |
| autodesk | autocad_electrical | 2022 | |
| autodesk | autocad_lt | 2019 | |
| autodesk | autocad_lt | 2020 | |
| autodesk | autocad_lt | 2021 | |
| autodesk | autocad_lt | 2022 | |
| autodesk | autocad_lt | 2022 | |
| autodesk | autocad_map_3d | 2019 | |
| autodesk | autocad_map_3d | 2020 | |
| autodesk | autocad_map_3d | 2021 | |
| autodesk | autocad_map_3d | 2022 | |
| autodesk | autocad_mechanical | 2019 | |
| autodesk | autocad_mechanical | 2020 | |
| autodesk | autocad_mechanical | 2021 | |
| autodesk | autocad_mechanical | 2022 | |
| autodesk | autocad_mep | 2019 | |
| autodesk | autocad_mep | 2020 | |
| autodesk | autocad_mep | 2021 | |
| autodesk | autocad_mep | 2022 | |
| autodesk | autocad_plant_3d | 2019 | |
| autodesk | autocad_plant_3d | 2020 | |
| autodesk | autocad_plant_3d | 2021 | |
| autodesk | autocad_plant_3d | 2022 | |
| autodesk | design_review | 2018 | |
| autodesk | navisworks | 2019 | |
| autodesk | navisworks | 2020 | |
| autodesk | navisworks | 2022 | |
| autodesk | revit | 2020 | |
| autodesk | revit | 2021 | |
| autodesk | revit | 2022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "88A89032-1BA1-4657-98F6-E2ECB19BB4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "887292AA-AC0F-4931-B55B-5FAAA127E3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "963B02A8-97DE-4C10-9AE1-3DA4FBC9AF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4543D1-94E4-4470-91BF-6F3141FD9DAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "AB44E46E-C1FF-4642-9F0D-FEE599F12508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "FABA4668-B759-4EF8-B4F7-DD824A5BD38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "411DC826-735A-4BEB-84BE-9250F97F612E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "E30E2562-D38E-4764-874E-5B2FCF5639E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "88B2C295-D091-4C1D-8285-4309967707BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "EACE09F2-A323-4E4B-9A35-4EBAE3864E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:macos:*:*",
"matchCriteriaId": "68FC54D1-B4FC-404E-9742-72F8340FE3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9275E76C-2A79-462A-A9D3-D0B6BBCDD0CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DFA12E-48C5-47B9-BD9F-1AFACBF4E1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "535A5D39-1C82-4301-9E5B-C9E0D75F38B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "316615EC-BC9F-4B6A-8163-EBECC480EFDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3A878B-2142-404F-BCF4-BB508674C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "64F2EC88-168D-4DD1-9ADA-3F9FA60D6E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "5D73C803-7567-4C1D-B62A-C3C52369022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "C5F77B03-3221-4564-B4FF-7BF7EEC1C5B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "A10DE5AF-1718-4899-9238-CFFDC72D05B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "E388264D-D2D4-4BE4-9097-8F547D73ABE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "16611BAA-C200-4C8B-823F-1AB95F5E1317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "E2DC5114-48D2-4D85-8E80-B4BCB0FD78F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "03682B7E-1CF1-4456-A51F-A6ADFC177935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "371C5F60-4959-40C7-93E1-A01510A95115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "D83FB4C7-B374-4907-8E2B-EEE61C8339E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "601676EC-2EB4-45D0-B1AE-0980CBD68770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:macos:*:*",
"matchCriteriaId": "4A2EF334-E4E2-40DA-BD51-B74EE1E0ACCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "04E05510-B21B-4DDD-88D7-CEB8963E1AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CD010A-FDBC-40F9-95AC-0CD8388B85D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "FC99E0F3-AA11-4390-A7C0-5BBFCDA94E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "33AA60CF-611C-45FC-92F8-7517D87B1645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "19255CEC-6161-4D44-B87E-52E86DF4FBA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7147F378-DFB0-48A8-8B05-8777E1CC7F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5C858C-4A01-4916-BE3E-B9056D67CF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB83A4A-D4C2-4509-BD49-15B9BBC7BF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "3F608B1C-BA96-4EA8-A540-83870262CBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFAAD19-6248-42CB-B177-EC2E5141A953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "1C52D90B-578B-4281-BF0E-B7CDA425ED05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8AD4F3-AA82-49F5-A18A-85127FDB8B95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "4E536B0D-4C95-4589-981A-2F8A6C4B44DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBDD3AC-FA00-462F-AA13-5A75B5D50689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "73E2E9E8-2269-4729-8D8F-3C26974F5FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "452A1A75-C59A-43AB-9C43-BA49EB95C39C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EB8353-CA0F-4B38-9427-56C845696A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3A9D11-51D7-4384-A6CF-B1AE46625E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "8694D891-A923-4B62-A508-77E6EBC54646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "8A183FC7-49B7-4475-A580-E87B68690997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CFAE69-D0D3-4850-8752-DD2DC3FF51CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Las versiones del paquete de productos AutoCAD, Revit, Design Review y Navisworks que usan PDFTron versiones anteriores a 9.1.17, pueden escribir m\u00e1s all\u00e1 del b\u00fafer asignado mientras analizan los archivos PDF. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2022-27871",
"lastModified": "2024-11-21T06:56:22.103",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-21T15:15:08.863",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-23 19:15
Modified
2024-11-21 06:23
Severity ?
Summary
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | advance_steel | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | civil_3d | * | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DCAF9B0-8B1F-4625-B04F-DECB699C9770",
"versionEndExcluding": "2020.2.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BBB8FC-C689-4DF6-B79D-248C0144A5EC",
"versionEndExcluding": "2021.1.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A29624C7-516C-4E7E-B1FE-43ED3188BC70",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70EC1A64-F7DD-4835-969F-A9051F06CB60",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5C1908-9829-46DE-881F-57277490BE71",
"versionEndExcluding": "2020.4",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE821566-76A8-43D6-9628-B82CFE9FAC19",
"versionEndExcluding": "2021.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0E4388-28DB-4D72-BA69-882A121C8C9A",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67E62F6D-C9D2-4129-A25A-468F150BA2CB",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4104E0A8-E133-41F9-A60A-368FD2DCC1A3",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "F7B0B566-F23E-4637-8611-8D055A90F421",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D42D33AA-39DC-4B60-A87F-2B9A41390EDA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D4CB47-D77A-4ACA-A606-3E7880729E0C",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E813870A-AAB5-491F-8ECA-587432AD9935",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "FF16B57E-C704-43BE-94F5-F09493257323",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1172D845-0F80-45EC-95D6-911556D4032D",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "047BD11C-74A7-47AA-A593-BAACD00D2B89",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C926403A-E06B-45A7-9693-CF0B78C7C627",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3807591-D6E0-4BB6-9573-C318A9D4EF60",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C8F3C7-F830-4138-99BD-064F969E4929",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "100922EF-C773-4798-B352-B16FCAD48F36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "PDFTron antes de la versi\u00f3n 9.0.7 puede ser forzado a leer m\u00e1s all\u00e1 de los l\u00edmites asignados al analizar un archivo PDF malicioso. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40160",
"lastModified": "2024-11-21T06:23:41.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-23T19:15:12.117",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-27 19:15
Modified
2024-11-21 07:48
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | alias | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | maya_usd | * | |
| autodesk | maya_usd | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | vred | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"id": "CVE-2023-25004",
"lastModified": "2024-11-21T07:48:54.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T19:15:09.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-27 23:15
Modified
2024-11-21 07:48
Severity ?
Summary
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "887292AA-AC0F-4931-B55B-5FAAA127E3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "6731E5DD-43A2-4A62-8191-FE82096C68F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "8694D891-A923-4B62-A508-77E6EBC54646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC216B0-0CBC-4652-BCBB-E5A1EBE24F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "2F75A973-839F-4BD0-8603-07AEF3F12476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "408CDE75-A916-4C12-9FA2-FBFAB65CB0FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution."
}
],
"id": "CVE-2023-25002",
"lastModified": "2024-11-21T07:48:54.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T23:15:09.590",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-27 19:15
Modified
2024-11-21 07:56
Severity ?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | alias | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | maya_usd | * | |
| autodesk | maya_usd | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | vred | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"id": "CVE-2023-29068",
"lastModified": "2024-11-21T07:56:29.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T19:15:09.457",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
Summary
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | fusion | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | 2021 | |
| autodesk | infrastructure_parts_editor | 2022 | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.1 | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | 2022 | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | 2019 | |
| autodesk | storm_and_sanitary_analysis | 2022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Podr\u00eda producirse un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40164",
"lastModified": "2024-11-21T06:23:42.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.560",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
Summary
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | fusion | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | 2021 | |
| autodesk | infrastructure_parts_editor | 2022 | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.1 | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | 2022 | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | 2019 | |
| autodesk | storm_and_sanitary_analysis | 2022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "Un archivo PNG dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40166",
"lastModified": "2024-11-21T06:23:42.607",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.743",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-16 22:15
Modified
2024-10-21 18:35
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://autodesk.com/trust/security-advisories/adsk-sa-2024-0017 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5391738-3303-45EE-9530-0EE27781B541",
"versionEndExcluding": "2024.3",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A72AC7E-0FF8-4365-8FAB-17E805ECDC2F",
"versionEndExcluding": "2025.3",
"versionStartIncluding": "2025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
},
{
"lang": "es",
"value": "Un archivo RFA manipulado con fines malintencionados, cuando se analiza a trav\u00e9s de Autodesk Revit, puede provocar un desbordamiento de b\u00fafer basado en pila. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, leer datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
}
],
"id": "CVE-2024-7994",
"lastModified": "2024-10-21T18:35:55.397",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-16T22:15:03.353",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0017"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-10-16 22:15
Modified
2024-10-21 18:27
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://autodesk.com/trust/security-advisories/adsk-sa-2024-0018 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "319E5439-3828-4177-9E5C-C0013238AF72",
"versionEndExcluding": "2024.2.2",
"versionStartIncluding": "2024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A72AC7E-0FF8-4365-8FAB-17E805ECDC2F",
"versionEndExcluding": "2025.3",
"versionStartIncluding": "2025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
},
{
"lang": "es",
"value": "Un archivo PDF manipulado con fines malintencionados, cuando se analiza a trav\u00e9s de Autodesk Revit, puede forzar una escritura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
}
],
"id": "CVE-2024-7993",
"lastModified": "2024-10-21T18:27:01.950",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-16T22:15:03.133",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://autodesk.com/trust/security-advisories/adsk-sa-2024-0018"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:04
Severity ?
Summary
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/18682 | Vendor Advisory | |
| cve@mitre.org | http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/16472 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/24460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18682 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=5549329&linkID=4183232 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16472 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24460 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | 3ds_max | 7 | |
| autodesk | architectural_desktop | 2005 | |
| autodesk | architectural_desktop | 2006 | |
| autodesk | autocad | 2005 | |
| autodesk | autocad | 2006 | |
| autodesk | autocad_civil_3d | 2005 | |
| autodesk | autocad_civil_3d | 2006 | |
| autodesk | autocad_electrical | 2005 | |
| autodesk | autocad_electrical | 2006 | |
| autodesk | autocad_lt | 2005 | |
| autodesk | autocad_lt | 2006 | |
| autodesk | autocad_mechanical | 2005 | |
| autodesk | autocad_mechanical | 2006 | |
| autodesk | building_systems | 2005 | |
| autodesk | building_systems | 2006 | |
| autodesk | civil_design | 2005 | |
| autodesk | inventor | 9 | |
| autodesk | inventor | 10 | |
| autodesk | land_desktop | 2005 | |
| autodesk | land_desktop | 2006 | |
| autodesk | map_3d | 2005 | |
| autodesk | map_3d | 2006 | |
| autodesk | raster_design | 2005 | |
| autodesk | raster_design | 2006 | |
| autodesk | revit | 7 | |
| autodesk | revit | 8 | |
| autodesk | revit_structure | 6 | |
| autodesk | revit_structure | 8.1 | |
| autodesk | survey | 2005 | |
| autodesk | survey | 2006 | |
| autodesk | utility_design | 2005 | |
| autodesk | viz | 2006 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:7:*:*:*:*:*:*:*",
"matchCriteriaId": "21F34A76-B1BD-45C7-9EFE-221F5E35985F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:architectural_desktop:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "791C4C7D-4D59-47DF-830E-314AF749489C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:architectural_desktop:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "03924CB2-0553-499F-A073-9C969BCEE92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1AE6F6-B9C4-412A-B917-9C5EC1DD0E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "AED452EF-ED18-4F7B-AE45-BE031AED42B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "19748367-BE4B-49F4-A505-A9C4E7CBC339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE81A33-FB05-4CE3-B871-2C108522872B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "F064E5F4-079C-4345-A16E-F5F7996EC5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "D002ED36-1612-43C5-9014-BF6360DB9D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "EF060231-C0C6-4B2F-B387-05E8AB1BF0CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "1312CE76-F9C6-4FED-ABC9-8C97FE69B071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3F280-B5FA-4BA6-ADFA-195C9D0D4155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A81BA6-CDEE-4BF4-B78B-C3FAA68D31EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:building_systems:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "9B00278F-BB19-465F-A150-F14CBD665F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:building_systems:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD11268-AE49-4202-836E-322A35AF7B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:civil_design:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A78C5B-EA4F-41B6-99AE-50F1D0A95619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:9:*:*:*:*:*:*:*",
"matchCriteriaId": "0F754AD7-CEB4-404B-9FEC-2E719DFC3042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:10:*:professional:*:*:*:*:*",
"matchCriteriaId": "BC2BA958-9373-434E-BBBD-9954065AA790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:land_desktop:2005:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C40078F9-9DD0-40C0-A4DF-359AC401616F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:land_desktop:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9F4C9960-DFA8-4599-A362-684AC3BE08D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:map_3d:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7B41DE-6DD2-4A58-9575-E12774D772E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:map_3d:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C245344A-E89B-42A6-9105-3784DC043F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:raster_design:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7781D592-DB95-439C-B559-945CF300A645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:raster_design:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA56C0D-0317-4402-9275-06E27016E232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:7:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF9AF1F-22F9-4920-BC9A-B6EAF43F54C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:8:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE74F6-6BE6-4EE9-A713-495F4A193EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit_structure:6:*:*:*:*:*:*:*",
"matchCriteriaId": "18A5DA3B-7BB8-4D5B-8FA2-09ACE64142D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit_structure:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA395F4-BC6A-4AF1-A3A2-D6CC8C3B732F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:survey:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "A028F3F2-2FD8-4456-B5F7-A58C35C9EDEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:survey:2006:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5EBBD36A-2188-447A-ADB8-3E7F0C1575CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:utility_design:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE1D0C9-AD53-41FF-835A-0353859F1FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:viz:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "4E24F53D-56AC-425A-B2B7-019206E211B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
}
],
"id": "CVE-2005-4710",
"lastModified": "2024-11-21T00:04:59.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18682"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16472"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
Summary
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | fusion | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | 2021 | |
| autodesk | infrastructure_parts_editor | 2022 | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.1 | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | 2022 | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | 2019 | |
| autodesk | storm_and_sanitary_analysis | 2022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria puede conllevar a una ejecuci\u00f3n de c\u00f3digo mediante archivos DLL dise\u00f1ados de forma maliciosa por medio del componente de procesamiento de im\u00e1genes de Autodesk"
}
],
"id": "CVE-2021-40163",
"lastModified": "2024-11-21T06:23:42.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.460",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-23 19:15
Modified
2024-11-21 07:48
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | alias | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | maya_usd | * | |
| autodesk | maya_usd | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | vred | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"id": "CVE-2023-25003",
"lastModified": "2024-11-21T07:48:54.767",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-23T19:15:08.983",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-21 10:15
Modified
2024-08-23 16:57
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@autodesk.com | https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0013 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "2F75A973-839F-4BD0-8603-07AEF3F12476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8E8074-7FA0-4257-9DF9-00B0A37D1F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
"matchCriteriaId": "99EC6432-EAE3-4759-A4AF-34B61818EB0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
},
{
"lang": "es",
"value": "Un archivo DWG creado con fines malintencionados, al analizarse en Revit, puede provocar un desbordamiento del b\u00fafer basado en la pila. Un actor malintencionado puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
}
],
"id": "CVE-2024-37008",
"lastModified": "2024-08-23T16:57:34.547",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T10:15:05.037",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0013"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 18:15
Modified
2024-11-21 06:23
Severity ?
Summary
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_advance_steel | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_architecture | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_civil_3d | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_electrical | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_lt | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_map_3d | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mechanical | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_mep | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | autocad_plant_3d | * | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | design_review | 2018 | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | dwg_trueview | * | |
| autodesk | fusion | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | * | |
| autodesk | infrastructure_parts_editor | 2021 | |
| autodesk | infrastructure_parts_editor | 2022 | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | * | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2019.3 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2020.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2021.2 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.0 | |
| autodesk | infraworks | 2022.1 | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | inventor | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | navisworks | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | * | |
| autodesk | revit | 2022 | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | * | |
| autodesk | storm_and_sanitary_analysis | 2019 | |
| autodesk | storm_and_sanitary_analysis | 2022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
"versionEndExcluding": "2020.3.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
"versionEndExcluding": "2021.2.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
"matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
"versionEndExcluding": "2019.1.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
"versionEndExcluding": "2020.1.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
"versionEndExcluding": "2021.1.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
"versionEndExcluding": "2022.1.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
"versionEndExcluding": "2.0.11405",
"versionStartIncluding": "2.0.10356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
"versionEndExcluding": "2019.2.2",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
"versionEndExcluding": "2020.0.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
"versionEndExcluding": "2019.3",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
"versionEndExcluding": "2020.2",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
"matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
"versionEndExcluding": "2019.6",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
"versionEndExcluding": "2019.7",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
"versionEndExcluding": "2020.5",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
"versionEndExcluding": "2021.4",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
"versionEndExcluding": "2019.2.4",
"versionStartIncluding": "2019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
"versionEndExcluding": "2020.2.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
"versionEndExcluding": "2021.1.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
"versionEndExcluding": "2020.3.1",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
"versionEndExcluding": "2021.3.1",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
},
{
"lang": "es",
"value": "Un archivo TIFF, PICT, TGA o RLC dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para escribir m\u00e1s all\u00e1 del b\u00fafer asignado mientras se analizan los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-40165",
"lastModified": "2024-11-21T06:23:42.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T18:15:14.650",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}