CVE-2022-25794

HIGH

Autodesk Fbx Review < 1.5.3 - Out-of-Bounds Read

Title source: rule

Description

An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code 'ABC' files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

References (1)

Core 1

Core References

Vendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0006

Scores

CVSS v3 7.8

EPSS 0.0042

EPSS Percentile 61.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-125

Status published

Products (1)

autodesk/fbx_review < 1.5.3

Published Apr 11, 2022

Tracked Since Feb 18, 2026