7.8
CVE-2021-40158
- EPSS 0.44%
- Veröffentlicht 25.01.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:23:41
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Advance Steel Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Architecture Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Electrical Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Lt Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Map 3d Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Mechanical Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Mep Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Plant 3d Version >= 2022 < 2022.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.626 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.