Buffer Overflow Vulnerability in Autodesk 3ds Max
CVE-2022-27531

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Autodesk 3ds Max
Vendor: CVE Published:; 16 June 2022

What is CVE-2022-27531?

A buffer overflow vulnerability exists in Autodesk 3ds Max 2022 and 2021, allowing an attacker to exploit the application by crafting a malicious TIF file. This vulnerability enables an attacker to read beyond allocated memory boundaries while processing TIF files, potentially leading to unauthorized code execution within the context of the running process. This issue may be exploited in conjunction with other vulnerabilities for heightened attack efficacy.

Affected Version(s)

Autodesk 3ds Max 2020, 2021

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2022
Vulnerability Reserved
Mar 21, 2022