CVE-2022-33889
HIGH
Autodesk Design Review <2018 & AutoCAD <2023 - Buffer Overflow
Title source: llm
Description
Maliciously crafted GIF or JPEG files, when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022, could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.
References (1)
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021
Scores
CVSS v3: 7.8
EPSS: 0.0006
EPSS Percentile: 19.4%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE: CWE-787
Status: published
Products (12)
autodesk/autocad < 2022.1.3
autodesk/autocad_advance_steel < 2022.1.3
autodesk/autocad_architecture < 2022.1.3
autodesk/autocad_civil_3d < 2022.1.3
autodesk/autocad_electrical < 2022.1.3
autodesk/autocad_lt < 2022.1.3
autodesk/autocad_map_3d < 2022.1.3
autodesk/autocad_mechanical < 2022.1.3
autodesk/autocad_mep < 2022.1.3
autodesk/autocad_plant_3d < 2022.1.3
... and 2 more
Published: Oct 03, 2022
Tracked Since: Feb 18, 2026