CVE-2022-25790

Published Apr 11, 2022
Last updated 3 months ago
CVSS high 7.8
Overview

Description: A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution.
Source: psirt@autodesk.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "395D75D7-FE8C-461D-8642-98BE81AA5277",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "525AD44E-386E-42C9-8B2E-90F29855DF4A",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CDC63B1-6EA4-48C6-998A-A86A82A74BD4",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8357611C-929E-407C-B4C8-6ED926E513C6",
            "versionEndExcluding": "2022.2.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6929C4B1-27A0-4595-ABB6-48BB7F03A3EB",
            "versionEndExcluding": "2019.1.4",
            "versionStartIncluding": "2019"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE4E278B-360E-4F00-8479-9531EB417269",
            "versionEndExcluding": "2020.1.5",
            "versionStartIncluding": "2020"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "577AEF72-23CC-45D9-B391-8A3D79DAB5BA",
            "versionEndExcluding": "2021.1.2",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82C21398-6A86-4E56-A98E-E80FFCC6732E",
            "versionEndExcluding": "2022.1.2",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
            "versionEndExcluding": "2022.2",
            "versionStartIncluding": "2022"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
