Buffer Overflow Vulnerability in Autodesk AutoCAD Products
CVE-2022-25797

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Autodesk Trueview
Vendor: CVE Published:; 13 April 2022

What is CVE-2022-25797?

A vulnerability exists in Autodesk AutoCAD versions 2022, 2021, 2020, and 2019 due to improper handling of specially crafted PDF files. When these files are processed, it can lead to a dereference for a write beyond the allocated memory buffer, causing an unhandled exception. This flaw can potentially lead to system instability and may expose affected systems to additional risks.

Affected Version(s)

Autodesk Trueview 2022, 2021, 2020, 2019

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2022
Vulnerability Reserved
Feb 22, 2022