CVE-2021-27043
HIGHAutodesk Advance Steel 2019-2019.1.3 - Arbitrary Address Write
Title source: llmDescription
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007
Scores
CVSS v3
7.8
EPSS
0.0022
EPSS Percentile
44.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (11)
autodesk/advance_steel
2019 - 2019.1.3
autodesk/autocad
2019 - 2019.1.3
autodesk/autocad_architecture
2019 - 2019.1.3
autodesk/autocad_electrical
2019 - 2019.1.3
autodesk/autocad_lt
2019 - 2019.1.3
autodesk/autocad_map_3d
2019 - 2019.1.3
autodesk/autocad_mechanical
2019 - 2019.1.3
autodesk/autocad_mep
2019 - 2019.1.3
autodesk/autocad_plant_3d
2019 - 2019.1.3
autodesk/civil_3d
2019 - 2019.1.3
... and 1 more
Published
Jun 25, 2021
Tracked Since
Feb 18, 2026