CVE-2022-27527
HIGHAutodesk Navisworks 2019-2019.6 - Memory Corruption via Malicious DLL Files
Title source: llmDescription
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022, and 2020.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010
Scores
CVSS v3
7.8
EPSS
0.0007
EPSS Percentile
20.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
autodesk/navisworks
2019 - 2019.6
Published
Apr 19, 2022
Tracked Since
Feb 18, 2026