CVE-2022-27864

HIGH

Autodesk Design Review - Double Free

Title source: rule

Description

A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

References (1)

Scores

CVSS v3 8.8
EPSS 0.0086
EPSS Percentile 74.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-415
Status published

Affected Products (10)

autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review
autodesk/design_review

Timeline

Published Jul 29, 2022
Tracked Since Feb 18, 2026