Use-After-Free Vulnerability in Autodesk FBX Review
CVE-2021-27031

7.8HIGH

Key Information:

Vendor
Autodesk
Status
Autodesk Fbx Review
Vendor
CVE Published:
19 April 2021

Summary

A security vulnerability in Autodesk FBX Review allows a user to be deceived into opening a malicious FBX file. This exploitable use-after-free condition may result in the application referencing a memory area that is controlled by an unauthorized third party, which in turn can lead to the execution of arbitrary code on the affected system. Users are urged to exercise caution when handling untrusted FBX files to prevent potential system compromise.

Affected Version(s)

Autodesk FBX Review 1.4.1.0

References

https://www.autodesk.com/trust/security-advisories/adsk-s...
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-468/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-1069/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.