CVE-2022-33890
Vulnerability from cvelistv5
Published
2022-10-03 00:00
Modified
2024-08-03 08:09
Severity ?
EPSS score ?
Summary
A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Autodesk® Design Review, |
Version: 2018 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk\u00ae Design Review,",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2018"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2022-33890",
"datePublished": "2022-10-03T00:00:00",
"dateReserved": "2022-06-16T00:00:00",
"dateUpdated": "2024-08-03T08:09:22.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-33890\",\"sourceIdentifier\":\"psirt@autodesk.com\",\"published\":\"2022-10-03T15:15:17.837\",\"lastModified\":\"2024-11-21T07:08:32.367\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.\"},{\"lang\":\"es\",\"value\":\"Un archivo PCT o DWF malicioso cuando se consume a trav\u00e9s de la aplicaci\u00f3n DesignReview.exe podr\u00eda llevar a una vulnerabilidad de corrupci\u00f3n de memoria por violaci\u00f3n de acceso de lectura. Esta vulnerabilidad, junto con otras, podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo en el contexto del proceso actual\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"F867A29B-ABEA-40D8-9252-9129DBC4EEEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"480910B3-5FD0-47EF-98BA-FDFE22945BB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"354E7B7A-22BA-4EB2-B136-9622A8032167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"91A206DF-6922-4CF8-9481-E6A4A2953753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"B0381CFD-48B1-4BA4-9961-64544267F852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"729710F9-F4F9-4466-8FA2-22A0C0CF9420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"3CEE7EBE-109D-43EC-9411-8169E589670A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"F1C62E65-FD27-478A-A472-FBDA4C751BB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"AF33C631-4C2E-4A18-B5E8-A2037BF29196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"F1A13743-F25B-47BC-902A-E7ADB9ACA577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"42E5B8D3-9B23-4DC0-B7CE-BB7EC8D981F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"20E3E3AA-051D-44E2-BD4A-8EBFCFD11C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"2ACB4E3C-FE40-4416-8484-A3A3B6883286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"AA7C36AC-ED97-4669-AD61-75AA00F0385C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"E3107206-44ED-45CB-A218-AC8E12CD4409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"1F4ADAD1-5627-4BD2-A72B-DEC95415261F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"C3357899-6803-4D09-94F0-7A633DB05E85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"7FDA3E45-B980-4715-80CC-C29B4A3900C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"9AC1E832-B725-4F72-812F-000ADE262DEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.0\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"0A20490C-CDFD-4FCE-B5E3-1F2F78A0C531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"213232B9-A40B-436D-A66A-B65C49D59BE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*\",\"matchCriteriaId\":\"84ED1789-A17F-48F7-A152-09D2A5C59254\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*\",\"matchCriteriaId\":\"74819924-EB63-4BBF-9986-FEF6100EEE15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:*\",\"matchCriteriaId\":\"100922EF-C773-4798-B352-B16FCAD48F36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:hotfix5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7E8CE3-8A75-4357-8722-17E2CE2378CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:design_review:2018:hotfix6:*:*:*:*:*:*\",\"matchCriteriaId\":\"41A96F19-544E-471F-B6BF-9CC8E9403A2A\"}]}]}],\"references\":[{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021\",\"source\":\"psirt@autodesk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.