CVE-2021-40156
Description
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.418
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Autodesk Navisworks Simulate 2019 | Windows |
| Multiple Vulnerabilities are affected in Autodesk Navisworks Simulate 2020 | Windows |
| Multiple Vulnerabilities are affected in Autodesk Navisworks Simulate 2021 | Windows |
| Multiple Vulnerabilities are affected in Autodesk Navisworks Simulate 2022 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234