CVE-2022-27871
Published on: Not Yet Published
Last Modified on: 06/29/2022 05:18:00 PM UTC
Certain versions of 3ds Max from Autodesk contain the following vulnerability:
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code.
- CVE-2022-27871 has been assigned by
psi[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|---|---|---|---|
| LOCAL | LOW | NONE | REQUIRED |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
| UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 6.8 - MEDIUM
| Access Vector ⓘ |
Access Complexity |
Authentication |
|---|---|---|
| NETWORK | MEDIUM | NONE |
| Confidentiality Impact |
Integrity Impact |
Availability Impact |
| PARTIAL | PARTIAL | PARTIAL |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| Security Advisories | Autodesk Trust Center | www.autodesk.com text/html |
MISC www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011 |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Autodesk | 3ds Max | 2021 | All | All | All |
| Application | Autodesk | 3ds Max | 2022 | All | All | All |
| Application | Autodesk | Advance Steel | 2019 | All | All | All |
| Application | Autodesk | Advance Steel | 2020 | All | All | All |
| Application | Autodesk | Advance Steel | 2021 | All | All | All |
| Application | Autodesk | Advance Steel | 2022 | All | All | All |
| Application | Autodesk | Autocad | 2019 | All | All | All |
| Application | Autodesk | Autocad | 2020 | All | All | All |
| Application | Autodesk | Autocad | 2021 | All | All | All |
| Application | Autodesk | Autocad | 2022 | All | All | All |
| Application | Autodesk | Autocad | 2022 | All | All | All |
| Application | Autodesk | Autocad Architecture | 2019 | All | All | All |
| Application | Autodesk | Autocad Architecture | 2020 | All | All | All |
| Application | Autodesk | Autocad Architecture | 2021 | All | All | All |
| Application | Autodesk | Autocad Architecture | 2022 | All | All | All |
| Application | Autodesk | Autocad Civil 3d | 2019 | All | All | All |
| Application | Autodesk | Autocad Civil 3d | 2020 | All | All | All |
| Application | Autodesk | Autocad Civil 3d | 2021 | All | All | All |
| Application | Autodesk | Autocad Civil 3d | 2022 | All | All | All |
| Application | Autodesk | Autocad Electrical | 2019 | All | All | All |
| Application | Autodesk | Autocad Electrical | 2020 | All | All | All |
| Application | Autodesk | Autocad Electrical | 2021 | All | All | All |
| Application | Autodesk | Autocad Electrical | 2022 | All | All | All |
| Application | Autodesk | Autocad Lt | 2019 | All | All | All |
| Application | Autodesk | Autocad Lt | 2020 | All | All | All |
| Application | Autodesk | Autocad Lt | 2021 | All | All | All |
| Application | Autodesk | Autocad Lt | 2022 | All | All | All |
| Application | Autodesk | Autocad Lt | 2022 | All | All | All |
| Application | Autodesk | Autocad Map 3d | 2019 | All | All | All |
| Application | Autodesk | Autocad Map 3d | 2020 | All | All | All |
| Application | Autodesk | Autocad Map 3d | 2021 | All | All | All |
| Application | Autodesk | Autocad Map 3d | 2022 | All | All | All |
| Application | Autodesk | Autocad Mechanical | 2019 | All | All | All |
| Application | Autodesk | Autocad Mechanical | 2020 | All | All | All |
| Application | Autodesk | Autocad Mechanical | 2021 | All | All | All |
| Application | Autodesk | Autocad Mechanical | 2022 | All | All | All |
| Application | Autodesk | Autocad Mep | 2019 | All | All | All |
| Application | Autodesk | Autocad Mep | 2020 | All | All | All |
| Application | Autodesk | Autocad Mep | 2021 | All | All | All |
| Application | Autodesk | Autocad Mep | 2022 | All | All | All |
| Application | Autodesk | Autocad Plant 3d | 2019 | All | All | All |
| Application | Autodesk | Autocad Plant 3d | 2020 | All | All | All |
| Application | Autodesk | Autocad Plant 3d | 2021 | All | All | All |
| Application | Autodesk | Autocad Plant 3d | 2022 | All | All | All |
| Application | Autodesk | Design Review | 2018 | - | All | All |
| Application | Autodesk | Navisworks | 2019 | All | All | All |
| Application | Autodesk | Navisworks | 2020 | All | All | All |
| Application | Autodesk | Navisworks | 2022 | All | All | All |
| Application | Autodesk | Revit | 2020 | All | All | All |
| Application | Autodesk | Revit | 2021 | All | All | All |
| Application | Autodesk | Revit | 2022 | All | All | All |
- cpe:2.3:a:autodesk:3ds_max:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:3ds_max:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:advance_steel:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:advance_steel:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:macos:*:*:
- cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_civil_3d:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_civil_3d:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_lt:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:macos:*:*:
- cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:navisworks:2019:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:navisworks:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:navisworks:2022:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:revit:2020:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:revit:2021:*:*:*:*:*:*:*:
- cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
| Source | Title | Posted (UTC) |
|---|---|---|
 @CVEreport |
CVE-2022-27871 : #Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior… twitter.com/i/web/status/1… | 2022-06-21 15:09:30 |
 /r/netcve |
CVE-2022-27871 | 2022-06-21 16:38:46 |