CVE-2022-25790

{"id": "CVE-2022-25790", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-04-11T20:15:20.503", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0005", "tags": ["Vendor Advisory"], "source": "psirt@autodesk.com"}, {"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0005", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution."}, {"lang": "es", "value": "Un archivo DWF maliciosamente dise\u00f1ado en Autodesk AutoCAD versiones 2022, 2021, 2020, 2019 y Autodesk Navisworks versi\u00f3n 2022 puede usarse para escribir m\u00e1s all\u00e1 de los l\u00edmites asignados cuando son analizados los archivos DWF. Una explotaci\u00f3n de esta vulnerabilidad puede conllevar a una ejecuci\u00f3n de c\u00f3digo"}], "lastModified": "2024-11-21T06:53:00.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "395D75D7-FE8C-461D-8642-98BE81AA5277", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "525AD44E-386E-42C9-8B2E-90F29855DF4A", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CDC63B1-6EA4-48C6-998A-A86A82A74BD4", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1BE9431-DC86-4ABB-8EE2-9FADA3B0AEBA", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*", "vulnerable": true, "matchCriteriaId": "8357611C-929E-407C-B4C8-6ED926E513C6", "versionEndExcluding": "2022.2.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6929C4B1-27A0-4595-ABB6-48BB7F03A3EB", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019"}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE4E278B-360E-4F00-8479-9531EB417269", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020"}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "577AEF72-23CC-45D9-B391-8A3D79DAB5BA", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021"}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82C21398-6A86-4E56-A98E-E80FFCC6732E", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022"}, {"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC", "versionEndExcluding": "2022.2", "versionStartIncluding": "2022"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@autodesk.com"}