7.8
CVE-2022-25788
- EPSS 0.42%
- Veröffentlicht 19.04.2022 21:15:18
- Zuletzt bearbeitet 21.11.2024 06:53:00
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Advance Steel Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Architecture Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Electrical Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Lt SwPlatform- Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Lt SwPlatformmacos Version >= 2022 < 2022.2.2
Autodesk ≫ Autocad Map 3d Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Mechanical Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Mep Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Plant 3d Version >= 2022 < 2022.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.607 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.