CVE-2019-7364

HIGH

Autodesk Various - Code Execution

Title source: llm

Description

DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.

References (1)

[Patch, Vendor Advisory] https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002

Scores

CVSS v3 7.8

EPSS 0.0032

EPSS Percentile 54.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (41)

autodesk/advance_steel

autodesk/autocad

autodesk/autocad_architecture

autodesk/autocad_electrical

... and 26 more

Timeline

Published Aug 23, 2019

Tracked Since Feb 18, 2026