Description
An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References (1)
Core 1
Core References
Patch, Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022
Scores
CVSS v3
7.8
EPSS
0.0006
EPSS Percentile
19.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-125
Status
published
Products (1)
autodesk/fbx_software_development_kit
2020.0
Published
Oct 14, 2022
Tracked Since
Feb 18, 2026