7.8
CVE-2022-33885
- EPSS 0.12%
- Veröffentlicht 03.10.2022 15:15:16
- Zuletzt bearbeitet 21.11.2024 07:08:31
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginA maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Autocad Advance Steel Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Advance Steel Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Architecture Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Architecture Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Civil 3d Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Civil 3d Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Electrical Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Electrical Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Lt Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Lt Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Map 3d Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Map 3d Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Mechanical Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Mechanical Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Mep Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Mep Version >= 2023 < 2023.1.1
Autodesk ≫ Autocad Plant 3d Version >= 2022 < 2022.1.3
Autodesk ≫ Autocad Plant 3d Version >= 2023 < 2023.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.31 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.