Description
A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020
Scores
CVSS v3
7.8
EPSS
0.0012
EPSS Percentile
29.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (10)
autodesk/autocad
2022 - 2022.1.3
autodesk/autocad_advance_steel
2022 - 2022.1.3
autodesk/autocad_architecture
2022 - 2022.1.3
autodesk/autocad_civil_3d
2022 - 2022.1.3
autodesk/autocad_electrical
2022 - 2022.1.3
autodesk/autocad_lt
2022 - 2022.1.3
autodesk/autocad_map_3d
2022 - 2022.1.3
autodesk/autocad_mechanical
2022 - 2022.1.3
autodesk/autocad_mep
2022 - 2022.1.3
autodesk/autocad_plant_3d
2022 - 2022.1.3
Published
Oct 03, 2022
Tracked Since
Feb 18, 2026