Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2022-10-07 18:15

Modified

2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Los archivos TIF, PICT, TGA o RLC dise\u00f1ados de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk pueden ser forzados a leer m\u00e1s all\u00e1 de los l\u00edmites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2021-40162",
  "lastModified": "2024-11-21T06:23:42.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.383",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo PRT manipulado con fines maliciosos, al analizarse mediante ciertos productos de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-7497",
  "lastModified": "2025-08-19T14:15:42.883",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:32.733",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo PRT manipulado con fines maliciosos, al vincularse o importarse a ciertos productos de Autodesk, puede generar una vulnerabilidad de lectura fuera de los l\u00edmites. Un agente malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, leer datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-6635",
  "lastModified": "2025-08-19T14:15:42.380",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:32.170",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-06-27 19:15

Modified

2024-11-21 07:48

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	alias	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	maya_usd	*
autodesk	maya_usd	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	vred	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
              "versionEndExcluding": "2022.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
              "versionEndExcluding": "2021.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
              "versionEndExcluding": "2023.3.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
              "versionEndExcluding": "2022.5",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
              "versionEndExcluding": "2023.3",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
              "versionEndExcluding": "2023.2",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
              "versionEndExcluding": "2021.1.8",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
              "versionEndExcluding": "2023.4",
              "versionStartIncluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
    }
  ],
  "id": "CVE-2023-25004",
  "lastModified": "2024-11-21T07:48:54.893",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-27T19:15:09.383",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo PRT manipulado con fines maliciosos, al analizarse mediante ciertos productos de Autodesk, puede generar una vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n. Un agente malicioso puede aprovechar esta vulnerabilidad para provocar un bloqueo, leer datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-6636",
  "lastModified": "2025-08-19T14:15:42.533",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:32.350",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo 3DM manipulado con fines maliciosos, al vincularse o importarse a ciertos productos de Autodesk, puede generar una vulnerabilidad de desbordamiento basado en mont\u00f3n. Un agente malicioso puede aprovechar esta vulnerabilidad para provocar un bloqueo, leer datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-5043",
  "lastModified": "2025-08-19T14:15:41.273",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:31.783",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-06-27 19:15

Modified

2024-11-21 07:56

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	alias	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	maya_usd	*
autodesk	maya_usd	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	vred	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
              "versionEndExcluding": "2022.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
              "versionEndExcluding": "2021.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
              "versionEndExcluding": "2023.3.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
              "versionEndExcluding": "2022.5",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
              "versionEndExcluding": "2023.3",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
              "versionEndExcluding": "2023.2",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
              "versionEndExcluding": "2021.1.8",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
              "versionEndExcluding": "2023.4",
              "versionStartIncluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
    }
  ],
  "id": "CVE-2023-29068",
  "lastModified": "2024-11-21T07:56:29.737",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-27T19:15:09.457",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-10-07 18:15

Modified

2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Un archivo TIFF, PICT, TGA o RLC dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para escribir m\u00e1s all\u00e1 del b\u00fafer asignado mientras se analizan los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2021-40165",
  "lastModified": "2024-11-21T06:23:42.460",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.650",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-10-07 18:15

Modified

2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Podr\u00eda producirse un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2021-40164",
  "lastModified": "2024-11-21T06:23:42.310",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.560",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-10-07 18:15

Modified

2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de corrupci\u00f3n de memoria puede conllevar a una ejecuci\u00f3n de c\u00f3digo mediante archivos DLL dise\u00f1ados de forma maliciosa por medio del componente de procesamiento de im\u00e1genes de Autodesk"
    }
  ],
  "id": "CVE-2021-40163",
  "lastModified": "2024-11-21T06:23:42.163",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.460",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-05-12 21:15

Modified

2025-01-27 18:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2023.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED3976D-7AEB-4682-A992-39E3FFF21613",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B5ED076-764C-400E-8DAD-7F9E0793FD7F",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "67C2219C-5B50-4E46-B1F0-68218F1E5AF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_4:*:*:*:*:*:*",
              "matchCriteriaId": "E5684221-8B7C-4ADA-A1A8-727E7F0F67BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_5:*:*:*:*:*:*",
              "matchCriteriaId": "EB247C2B-8221-457A-99F9-39D75D4DB8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_6:*:*:*:*:*:*",
              "matchCriteriaId": "E3E63C7B-C4A5-4722-88A5-6801AA086915",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_7:*:*:*:*:*:*",
              "matchCriteriaId": "8CBCFD6F-2195-48AA-B6A9-8EBB7BF1F047",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_8:*:*:*:*:*:*",
              "matchCriteriaId": "280DEA0C-EF21-4C54-8C9D-FC83152F2C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_9:*:*:*:*:*:*",
              "matchCriteriaId": "533A6090-B202-49D4-B0C7-7C189EB282AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2023.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "71061947-E7CE-44C8-8DAE-779AEDBEC170",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability."
    }
  ],
  "id": "CVE-2023-25005",
  "lastModified": "2025-01-27T18:15:33.127",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-05-12T21:15:09.220",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-06-23 19:15

Modified

2024-11-21 07:48

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	alias	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	maya_usd	*
autodesk	maya_usd	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	vred	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
              "versionEndExcluding": "2022.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
              "versionEndExcluding": "2021.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
              "versionEndExcluding": "2023.3.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
              "versionEndExcluding": "2022.5",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
              "versionEndExcluding": "2023.3",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
              "versionEndExcluding": "2023.2",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
              "versionEndExcluding": "2021.1.8",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
              "versionEndExcluding": "2023.4",
              "versionStartIncluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
    }
  ],
  "id": "CVE-2023-25003",
  "lastModified": "2024-11-21T07:48:54.767",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-23T19:15:08.983",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo X_T manipulado con fines maliciosos, al analizarse mediante ciertos productos de Autodesk, puede generar una vulnerabilidad de corrupci\u00f3n de memoria. Un agente malicioso puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-5038",
  "lastModified": "2025-08-19T14:15:40.623",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:31.590",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo PRT manipulado con fines maliciosos, al analizarse mediante ciertos productos de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-6637",
  "lastModified": "2025-08-19T14:15:42.677",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:32.550",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo PRT manipulado con fines maliciosos, al analizarse mediante ciertos productos de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-6631",
  "lastModified": "2025-08-19T14:15:41.790",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:31.983",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2025-07-29 18:15

Modified

2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	shared_components	2026.2
autodesk	3ds_max	2026
autodesk	advance_steel	2026
autodesk	autocad	2026
autodesk	autocad_architecture	2026
autodesk	autocad_electrical	2026
autodesk	autocad_map_3d	2026
autodesk	autocad_mechanical	2026
autodesk	autocad_mep	2026
autodesk	autocad_plant_3d	2026
autodesk	civil_3d	2026
autodesk	infraworks	2026
autodesk	inventor	2026
autodesk	revit	2026
autodesk	revit_lt	2026
autodesk	vault	2026

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:shared_components:2026.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F619380D-7F2A-453B-BC9C-EBF82B7628A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "B938D507-D95A-4EAD-86AB-9B52A3682414",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "68738B5A-B918-4CA3-BD13-4040B3219AFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "8890EECB-7AB5-41A3-8E77-314183BC3AB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE935915-6926-474F-B5A4-7E77EF7426DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC23105-1362-4BFE-9C93-F0AAA5BAF2B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB79016-0BB6-4E8A-8AE3-5AB39A252DED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A159D88-990D-41D7-B6B0-D97B38241860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "046ADE16-4275-4BEF-9A71-480E709383F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB9FCDC-6717-44EB-AA55-983A771E2460",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "3383C40E-DD43-4146-9B58-C44585E40985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*",
              "matchCriteriaId": "1B01CD79-B993-47BB-B775-C10422FB956B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7393B89-15A9-4709-9FF3-DA1C88770594",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A56B67-B754-4525-995A-F70CAA6B5AAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3C0C68-F0D7-4737-8D37-D99F128DAB47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F81FC1-1B7C-40AF-88DB-B62F24CFA21C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo 3DM manipulado con fines maliciosos, al analizarse mediante ciertos productos de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-7675",
  "lastModified": "2025-08-19T14:15:43.150",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-29T18:15:32.923",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-10-07 18:15

Modified

2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.

References

▶	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Un archivo PNG dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2021-40166",
  "lastModified": "2024-11-21T06:23:42.607",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.743",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2023-29068 (GCVE-0-2023-29068)

Vulnerability from cvelistv5

Published

2023-06-27 00:00

Modified

2024-12-05 14:41

Severity ?

CWE

memory corruption vulnerability

Summary

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009

Impacted products

	Vendor	Product	Version
	n/a	Autodesk products	Version: 2023, 2022, 2021, 2020

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:00:14.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29068",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T14:41:27.413833Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T14:41:43.199Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022, 2021, 2020"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "memory corruption vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-29068",
    "datePublished": "2023-06-27T00:00:00",
    "dateReserved": "2023-03-30T00:00:00",
    "dateUpdated": "2024-12-05T14:41:43.199Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6635 (GCVE-0-2025-6635)

Vulnerability from cvelistv5

Published

2025-07-29 17:53

Modified

2025-08-19 13:21

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-125 - Out-of-Bounds Read

Summary

A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6635",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:52.940Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-Bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:21:59.522Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "PRT File Parsing Out-of-Bounds Read Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-6635",
    "datePublished": "2025-07-29T17:53:35.895Z",
    "dateReserved": "2025-06-25T13:44:26.482Z",
    "dateUpdated": "2025-08-19T13:21:59.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5043 (GCVE-0-2025-5043)

Vulnerability from cvelistv5

Published

2025-07-29 17:52

Modified

2025-08-19 13:19

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-Based Buffer Overflow

Summary

A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5043",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:50.498Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-Based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:19:36.659Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "3DM File Parsing Heap-Based Overflow Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-5043",
    "datePublished": "2025-07-29T17:52:37.857Z",
    "dateReserved": "2025-05-21T13:01:02.814Z",
    "dateUpdated": "2025-08-19T13:19:36.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25003 (GCVE-0-2023-25003)

Vulnerability from cvelistv5

Published

2023-06-23 00:00

Modified

2024-12-05 17:10

Severity ?

CWE

out-of-bound read write / read

Summary

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009

Impacted products

	Vendor	Product	Version
	n/a	AutoCAD, Maya	Version: 2023, 2022

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25003",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T17:09:59.558363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T17:10:10.146Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": " AutoCAD, Maya ",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "out-of-bound read write / read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-23T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25003",
    "datePublished": "2023-06-23T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T17:10:10.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40162 (GCVE-0-2021-40162)

Vulnerability from cvelistv5

Published

2022-10-07 00:00

Modified

2024-08-04 02:27

Severity ?

CWE

Out-of-Band Read

Summary

A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Impacted products

	Vendor	Product	Version
	n/a	Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D	Version: 2022, 2021, 2020, 2019

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2022, 2021, 2020, 2019"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-of-Band Read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2021-40162",
    "datePublished": "2022-10-07T00:00:00",
    "dateReserved": "2021-08-27T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6637 (GCVE-0-2025-6637)

Vulnerability from cvelistv5

Published

2025-07-29 17:56

Modified

2025-08-19 13:22

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6637",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:55.467Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:22:28.965Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "PRT File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-6637",
    "datePublished": "2025-07-29T17:56:50.031Z",
    "dateReserved": "2025-06-25T13:44:28.817Z",
    "dateUpdated": "2025-08-19T13:22:28.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40163 (GCVE-0-2021-40163)

Vulnerability from cvelistv5

Published

2022-10-07 00:00

Modified

2024-08-04 02:27

Severity ?

CWE

Memory Corruption

Summary

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Impacted products

	Vendor	Product	Version
	n/a	Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D	Version: 2022, 2021, 2020, 2019

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.853Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2022, 2021, 2020, 2019"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Memory Corruption ",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2021-40163",
    "datePublished": "2022-10-07T00:00:00",
    "dateReserved": "2021-08-27T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.853Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25004 (GCVE-0-2023-25004)

Vulnerability from cvelistv5

Published

2023-06-27 00:00

Modified

2024-12-05 14:40

Severity ?

CWE

Integer Overflow

Summary

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009

Impacted products

	Vendor	Product	Version
	n/a	Autodesk products	Version: 2023, 2022, 2021, 2020

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T14:39:57.188378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T14:40:18.983Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022, 2021, 2020"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25004",
    "datePublished": "2023-06-27T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T14:40:18.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40164 (GCVE-0-2021-40164)

Vulnerability from cvelistv5

Published

2022-10-07 00:00

Modified

2024-08-04 02:27

Severity ?

CWE

Heap-based Overflow

Summary

A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Impacted products

	Vendor	Product	Version
	n/a	Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D	Version: 2022, 2021, 2020, 2019

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.502Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2022, 2021, 2020, 2019"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Heap-based Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2021-40164",
    "datePublished": "2022-10-07T00:00:00",
    "dateReserved": "2021-08-27T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.502Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6636 (GCVE-0-2025-6636)

Vulnerability from cvelistv5

Published

2025-07-29 17:54

Modified

2025-08-19 13:22

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6636",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:54.668Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:22:14.824Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "PRT File Parsing Use-After-Free Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-6636",
    "datePublished": "2025-07-29T17:54:02.053Z",
    "dateReserved": "2025-06-25T13:44:27.794Z",
    "dateUpdated": "2025-08-19T13:22:14.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6631 (GCVE-0-2025-6631)

Vulnerability from cvelistv5

Published

2025-07-29 17:53

Modified

2025-08-19 13:21

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6631",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:52.059Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:21:00.832Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "PRT File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-6631",
    "datePublished": "2025-07-29T17:53:04.135Z",
    "dateReserved": "2025-06-25T13:43:01.062Z",
    "dateUpdated": "2025-08-19T13:21:00.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40166 (GCVE-0-2021-40166)

Vulnerability from cvelistv5

Published

2022-10-07 00:00

Modified

2024-08-04 02:27

Severity ?

CWE

Use-After-Free

Summary

A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Impacted products

	Vendor	Product	Version
	n/a	Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D	Version: 2022, 2021, 2020, 2019

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2022, 2021, 2020, 2019"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Use-After-Free",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2021-40166",
    "datePublished": "2022-10-07T00:00:00",
    "dateReserved": "2021-08-27T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25005 (GCVE-0-2023-25005)

Vulnerability from cvelistv5

Published

2023-05-12 00:00

Modified

2025-01-27 17:43

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Resource Injection

Summary

A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006

Impacted products

	Vendor	Product	Version
	n/a	Autodesk InfraWorks	Version: 2023, 2021

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.791Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-25005",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-27T17:43:03.290093Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-427",
                "description": "CWE-427 Uncontrolled Search Path Element",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-27T17:43:10.771Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk InfraWorks",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2021"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Resource Injection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-12T00:00:00.000Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25005",
    "datePublished": "2023-05-12T00:00:00.000Z",
    "dateReserved": "2023-02-01T00:00:00.000Z",
    "dateUpdated": "2025-01-27T17:43:10.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40165 (GCVE-0-2021-40165)

Vulnerability from cvelistv5

Published

2022-10-07 00:00

Modified

2024-08-04 02:27

Severity ?

CWE

Buffer Overflow

Summary

A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

►

URL

Tags

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Impacted products

	Vendor	Product	Version
	n/a	Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D	Version: 2022, 2021, 2020, 2019

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.537Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2022, 2021, 2020, 2019"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2021-40165",
    "datePublished": "2022-10-07T00:00:00",
    "dateReserved": "2021-08-27T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.537Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7675 (GCVE-0-2025-7675)

Vulnerability from cvelistv5

Published

2025-07-29 17:57

Modified

2025-08-19 13:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Summary

A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7675",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:57.025Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:23:05.667Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "3DM File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-7675",
    "datePublished": "2025-07-29T17:57:36.134Z",
    "dateReserved": "2025-07-15T12:31:56.589Z",
    "dateUpdated": "2025-08-19T13:23:05.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5038 (GCVE-0-2025-5038)

Vulnerability from cvelistv5

Published

2025-07-29 17:51

Modified

2025-08-19 13:17

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Summary

A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5038",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:49.666Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:17:02.999Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "X_T File Parsing Memory Corruption Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-5038",
    "datePublished": "2025-07-29T17:51:59.877Z",
    "dateReserved": "2025-05-21T13:00:58.307Z",
    "dateUpdated": "2025-08-19T13:17:02.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7497 (GCVE-0-2025-7497)

Vulnerability from cvelistv5

Published

2025-07-29 17:57

Modified

2025-08-19 13:22

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Summary

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

	https://www.autodesk.com/products/autodesk-access/overview	patch
	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015	vendor-advisory

Impacted products

	Vendor	Product	Version
	Autodesk	Shared Components	Version: 2026.2 < 2026.3 cpe:2.3:a:autodesk:shared_components:2026.3:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T03:55:56.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Shared Components",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.3",
              "status": "affected",
              "version": "2026.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:22:46.904Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "PRT File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-7497",
    "datePublished": "2025-07-29T17:57:13.572Z",
    "dateReserved": "2025-07-11T15:02:31.021Z",
    "dateUpdated": "2025-08-19T13:22:46.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerabilites related to autodesk - infraworks

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

CVE-2023-29068 (GCVE-0-2023-29068)

Vulnerability from cvelistv5

CVE-2025-6635 (GCVE-0-2025-6635)

Vulnerability from cvelistv5

CVE-2025-5043 (GCVE-0-2025-5043)

Vulnerability from cvelistv5

CVE-2023-25003 (GCVE-0-2023-25003)

Vulnerability from cvelistv5

CVE-2021-40162 (GCVE-0-2021-40162)

Vulnerability from cvelistv5

CVE-2025-6637 (GCVE-0-2025-6637)

Vulnerability from cvelistv5

CVE-2021-40163 (GCVE-0-2021-40163)

Vulnerability from cvelistv5

CVE-2023-25004 (GCVE-0-2023-25004)

Vulnerability from cvelistv5

CVE-2021-40164 (GCVE-0-2021-40164)

Vulnerability from cvelistv5

CVE-2025-6636 (GCVE-0-2025-6636)

Vulnerability from cvelistv5

CVE-2025-6631 (GCVE-0-2025-6631)

Vulnerability from cvelistv5

CVE-2021-40166 (GCVE-0-2021-40166)

Vulnerability from cvelistv5

CVE-2023-25005 (GCVE-0-2023-25005)

Vulnerability from cvelistv5

CVE-2021-40165 (GCVE-0-2021-40165)

Vulnerability from cvelistv5

CVE-2025-7675 (GCVE-0-2025-7675)

Vulnerability from cvelistv5

CVE-2025-5038 (GCVE-0-2025-5038)

Vulnerability from cvelistv5

CVE-2025-7497 (GCVE-0-2025-7497)

Vulnerability from cvelistv5