CVE-2021-40162

HIGH

Autodesk AutoCAD - Out-of-bounds Read in Image Processing Component


Description

A maliciously crafted TIF, PICT, TGA, or RLC file may force the Autodesk Image Processing component to read beyond allocated boundaries when parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

Scores

CVSS v3 7.8
EPSS 0.0024
EPSS Percentile 15.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE CWE-125
Status published
Products (30)
autodesk/autocad 2019 - 2019.1.4
autodesk/autocad_advance_steel 2019 - 2019.1.4
autodesk/autocad_architecture 2019 - 2019.1.4
autodesk/autocad_civil_3d 2019 - 2019.1.4
autodesk/autocad_electrical 2019 - 2019.1.4
autodesk/autocad_lt 2019 - 2019.1.4
autodesk/autocad_lt 2020 - 2020.3.2
autodesk/autocad_map_3d 2019 - 2019.1.4
autodesk/autocad_mechanical 2019 - 2019.1.4
autodesk/autocad_mep 2019 - 2019.1.4
... and 20 more
Published Oct 07, 2022
Tracked Since Feb 18, 2026