Out-Of-Bounds Read Vulnerability in Autodesk FBX Review
CVE-2022-25794

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Autodesk Fbx Review
Vendor: CVE Published:; 11 April 2022

What is CVE-2022-25794?

An Out-Of-Bounds Read vulnerability in Autodesk FBX Review allows exploitation through maliciously crafted ActionScript Byte Code (ABC) files. These files, generated by the Flash compiler, can contain executable code. Successful exploitation may lead to potential code execution in the context of the current process, particularly when used in conjunction with other vulnerabilities, raising significant security concerns. For more details, visit the Autodesk security advisory.

Affected Version(s)

Autodesk FBX Review 1.5.2

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 11, 2022
Vulnerability Reserved
Feb 22, 2022