CVE-2021-40165

EPSS 0.12%
Veröffentlicht 07.10.2022 18:15:14
Zuletzt bearbeitet 21.11.2024 06:23:42
Quelle psirt@autodesk.com
CVE-Watchlists
Login
Unerledigt
Login

A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Autodesk ≫ Autocad Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Advance Steel Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Advance Steel Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Advance Steel Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Advance Steel Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Architecture Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Architecture Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Architecture Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Architecture Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Civil 3d Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Civil 3d Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Civil 3d Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Civil 3d Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Electrical Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Electrical Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Electrical Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Electrical Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Lt Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Lt Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Lt SwPlatformmacos Version >= 2020 < 2020.3.2

Autodesk ≫ Autocad Lt Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Lt SwPlatformmacos Version >= 2021 < 2021.2.2

Autodesk ≫ Autocad Lt Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Lt SwPlatformmacos Version >= 2022 < 2022.2.2

Autodesk ≫ Autocad Map 3d Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Map 3d Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Map 3d Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Map 3d Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Mechanical Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Mechanical Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Mechanical Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Mechanical Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Mep Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Mep Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Mep Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Mep Version >= 2022 < 2022.1.2

Autodesk ≫ Autocad Plant 3d Version >= 2019 < 2019.1.4

Autodesk ≫ Autocad Plant 3d Version >= 2020 < 2020.1.5

Autodesk ≫ Autocad Plant 3d Version >= 2021 < 2021.1.2

Autodesk ≫ Autocad Plant 3d Version >= 2022 < 2022.1.2

Autodesk ≫ Design Review Version2018 Update-

Autodesk ≫ Design Review Version2018 Updatehotfix

Autodesk ≫ Design Review Version2018 Updatehotfix2

Autodesk ≫ Design Review Version2018 Updatehotfix3

Autodesk ≫ Dwg Trueview Version >= 2019 < 2019.1.4

Autodesk ≫ Dwg Trueview Version >= 2020 < 2020.1.5

Autodesk ≫ Dwg Trueview Version >= 2021 < 2021.1.2

Autodesk ≫ Dwg Trueview Version >= 2022 < 2022.1.1

Autodesk ≫ Fusion Version >= 2.0.10356 < 2.0.11405

Autodesk ≫ Infrastructure Parts Editor Version >= 2019 < 2019.2.2

Autodesk ≫ Infrastructure Parts Editor Version >= 2020 < 2020.0.2

Autodesk ≫ Infrastructure Parts Editor Version2021

Autodesk ≫ Infrastructure Parts Editor Version2022

Autodesk ≫ Infraworks Version >= 2019 < 2019.3

Autodesk ≫ Infraworks Version >= 2020 < 2020.2

Autodesk ≫ Infraworks Version >= 2021 < 2021.2

Autodesk ≫ Infraworks Version2019.3 Update-

Autodesk ≫ Infraworks Version2019.3 Updatehotfix_1

Autodesk ≫ Infraworks Version2019.3 Updatehotfix_2

Autodesk ≫ Infraworks Version2019.3 Updatehotfix_3

Autodesk ≫ Infraworks Version2020.2 Update-

Autodesk ≫ Infraworks Version2020.2 Updatehotfix_1

Autodesk ≫ Infraworks Version2020.2 Updatehotfix_2

Autodesk ≫ Infraworks Version2021.2 Update-

Autodesk ≫ Infraworks Version2021.2 Updatehotfix_1

Autodesk ≫ Infraworks Version2021.2 Updatehotfix_2

Autodesk ≫ Infraworks Version2022.0 Update-

Autodesk ≫ Infraworks Version2022.0 Updatehotfix_1

Autodesk ≫ Infraworks Version2022.1

Autodesk ≫ Inventor Version >= 2019 < 2019.6

Autodesk ≫ Inventor Version >= 2020 < 2020.5

Autodesk ≫ Inventor Version >= 2021 < 2021.4

Autodesk ≫ Inventor Version >= 2022 < 2022.2

Autodesk ≫ Navisworks Version >= 2019 < 2019.7

Autodesk ≫ Navisworks Version >= 2020 < 2020.5

Autodesk ≫ Navisworks Version >= 2021 < 2021.4

Autodesk ≫ Navisworks Version >= 2022 < 2022.2

Autodesk ≫ Revit Version >= 2019 < 2019.2.4

Autodesk ≫ Revit Version >= 2020 < 2020.2.6

Autodesk ≫ Revit Version >= 2021 < 2021.1.5

Autodesk ≫ Revit Version2022

Autodesk ≫ Storm And Sanitary Analysis Version >= 2020 < 2020.3.1

Autodesk ≫ Storm And Sanitary Analysis Version >= 2021 < 2021.3.1

Autodesk ≫ Storm And Sanitary Analysis Version2019

Autodesk ≫ Storm And Sanitary Analysis Version2022

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.311

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-40165

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-40165

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-40165

EUVD