CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
33.4%
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Vendor | Product | Version | CPE |
---|---|---|---|
autodesk | autocad | * | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* |
autodesk | autocad_advance_steel | * | cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* |
autodesk | autocad_architecture | * | cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* |
autodesk | autocad_civil_3d | * | cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* |
autodesk | autocad_electrical | * | cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* |
autodesk | autocad_lt | * | cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* |
autodesk | autocad_lt | * | cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* |
autodesk | autocad_map_3d | * | cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* |
autodesk | autocad_mechanical | * | cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* |
autodesk | autocad_mep | * | cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* |
[
{
"vendor": "n/a",
"product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
"versions": [
{
"version": "2022, 2021, 2020, 2019",
"status": "affected"
}
]
}
]
More