CVE-2022-27869
HIGH
Autodesk AutoCAD 2023 - Out-of-bounds Read and Write via TIFF File Parsing
Title source: llm
Description
A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code.
References (1)
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004
Scores
CVSS v3
7.8
EPSS
0.0071
EPSS Percentile
48.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-125
CWE-787
Status
published
Products (1)
autodesk/autocad
2023
Published
Jun 21, 2022
Tracked Since
Feb 18, 2026