CVE-2022-25790
Summary
| CVE | CVE-2022-25790 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-11 20:15:00 UTC |
| Updated | 2022-04-19 15:48:00 UTC |
| Description | A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Autodesk | Advance Steel | All | All | All | All |
| Application | Autodesk | Autocad | All | All | All | All |
| Application | Autodesk | Autocad | All | All | All | All |
| Application | Autodesk | Autocad Architecture | All | All | All | All |
| Application | Autodesk | Autocad Electrical | All | All | All | All |
| Application | Autodesk | Autocad Lt | All | All | All | All |
| Application | Autodesk | Autocad Map 3d | All | All | All | All |
| Application | Autodesk | Autocad Mechanical | All | All | All | All |
| Application | Autodesk | Autocad Mep | All | All | All | All |
| Application | Autodesk | Autocad Plant 3d | All | All | All | All |
| Application | Autodesk | Civil 3d | All | All | All | All |
| Application | Autodesk | Navisworks | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisories | Autodesk Trust Center | MISC | www.autodesk.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.