CVE-2021-27033

HIGH

Autodesk Design Review - Double Free

Title source: rule

Description

A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of Autodesk Design Review 2018, 2017, 2013, 2012, 2011. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

References (1)

[Vendor Advisory] https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004

Scores

CVSS v3 7.8

EPSS 0.0089

EPSS Percentile 75.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (5)

autodesk/design_review

Timeline

Published Jul 09, 2021

Tracked Since Feb 18, 2026