Vulnerability CVE-2022-27870

Vulnerability CVE-2022-27870

Published: 2022-06-21

Description:

A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code.

Type:

CWE-787

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Autodesk -> Autocad

References:

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004

Copyright 2024, cxsecurity.com