CVE-2022-25788
Published Apr 19, 2022
Last updated 3 years ago
Overview
- Description
- A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
- Source
- psirt@autodesk.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-787
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "E3116E10-FB93-4EC7-957E-B130FE5153BF",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*",
"vulnerable": true,
"matchCriteriaId": "8357611C-929E-407C-B4C8-6ED926E513C6",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "0DC17B10-E6E8-4D49-BDEF-DBC5097580C9",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
"vulnerable": true,
"matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
"versionEndExcluding": "2022.2.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82C21398-6A86-4E56-A98E-E80FFCC6732E",
"versionEndExcluding": "2022.1.2",
"versionStartIncluding": "2022"
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
"versionEndExcluding": "2022.2",
"versionStartIncluding": "2022"
}
],
"operator": "OR"
}
]
}
]