CVE-2022-27870
HIGHAutodesk AutoCAD 2023 - Out-of-bounds Write via TGA File Parsing
Title source: llmDescription
A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004
Scores
CVSS v3
7.8
EPSS
0.0042
EPSS Percentile
62.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
autodesk/autocad
2023
Published
Jun 21, 2022
Tracked Since
Feb 18, 2026