V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2022-25788
CVE
High

A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulner…

CVSS
7.8
High
EPSS
0.01
p70
Published
2022-01-01
Updated
2022-01-01
Description

A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.

Tags · CWE
CWE-787
Affected products
Advance_steel 2022–2022.1.2Autocad 2022–2022.1.2Autocad 2022–2022.2.2Autocad_architecture 2022–2022.1.2Autocad_electrical 2022–2022.1.2Autocad_lt 2022–2022.1.2Autocad_lt 2022–2022.2.2Autocad_map_3d 2022–2022.1.2Autocad_mechanical 2022–2022.1.2Autocad_mep 2022–2022.1.2Autocad_plant_3d 2022–2022.1.2Civil_3d 2022–2022.1.2Inventor 2022–2022.2
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Timeline
2022-01-01
Published
2022-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.015 · p70
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Autodesk
AutocadAutocad ElectricalAutocad MechanicalAutocad ArchitectureAutocad MepAutocad Plant 3dAutocad Map 3dAdvance SteelCivil 3dAutocad Lt+1
ProductVendorStatus
advance_steel*Tracked
autocad*Tracked
autocad_architecture*Tracked
autocad_electrical*Tracked
autocad_lt*Tracked
autocad_map_3d*Tracked
autocad_mechanical*Tracked
autocad_mep*Tracked
autocad_plant_3d*Tracked
civil_3d*Tracked
inventor*Tracked
Source databases
CVE