Memory Corruption Vulnerability in PDFTron by PDFTron Systems Inc.
CVE-2021-40161

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Revit, Navisworks, Autodesk® Advance Steel, Autocad®, Autocad® Architecture, Autocad® Electrical, Autocad® Map 3d, Autocad® Mechanical, Autocad® Mep, Autocad® Plant 3d, Autocad® Lt, Autodesk® Civil 3d, Autocad® Mac, Autocad® Lt For Mac
Vendor: CVE Published:; 23 December 2021

What is CVE-2021-40161?

A memory corruption vulnerability in PDFTron allows attackers to exploit improperly handled DLL files, potentially resulting in unauthorized code execution. This issue affects all versions prior to 9.0.7, making it imperative for users to upgrade to the latest version to ensure system integrity and security. Maliciously crafted DLL files could be used in a targeted attack, emphasizing the urgency for timely patches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Revit, Navisworks, Autodesk® Advance Steel, AutoCAD®, AutoCAD® Architecture, AutoCAD® Electrical, AutoCAD® Map 3D, AutoCAD® Mechanical, AutoCAD® MEP, AutoCAD® Plant 3D, AutoCAD® LT, Autodesk® Civil 3D, AutoCAD® Mac, AutoCAD® LT for Mac prior to 9.0.7

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 23, 2021
Vulnerability Reserved
Aug 27, 2021

JSON

Autodesk

What is CVE-2021-40161?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.