Search

Find a vulnerability

Search criteria

    28 vulnerabilities found for inventor by autodesk

    CVE-2025-5039 (GCVE-0-2025-5039)

    Vulnerability from nvd – Published: 2025-07-24 17:11 – Updated: 2026-05-28 19:50
    VLAI
    Title
    Privilege Ecalation due to Untrusted Search Path Vulnerability
    Summary
    A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk RealDWG Affected: 2026 , < 2026.0.2 (custom)
        cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk 3ds Max Affected: 2027 , < 2027.1 (custom)
    Affected: 2026 , < 2026.3.3 (custom)
        cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5039",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-25T03:55:31.845753Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:15.076Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2026.1",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD LT",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2026.1",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "RealDWG",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2026.0.2",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "3ds Max",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2027.1",
                  "status": "affected",
                  "version": "2027",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2026.3.3",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
                }
              ],
              "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-38",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-426",
                  "description": "CWE-426 Untrusted Search Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T19:50:20.274Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.autodesk.com/products/autodesk-access/overview"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2025-5039",
        "datePublished": "2025-07-24T17:11:14.714Z",
        "dateReserved": "2025-05-21T13:00:59.147Z",
        "dateUpdated": "2026-05-28T19:50:20.274Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-1276 (GCVE-0-2025-1276)

    Vulnerability from nvd – Published: 2025-04-15 20:55 – Updated: 2026-02-26 18:28
    VLAI
    Title
    DWG File Parsing Out-of-Bounds Write Vulnerability
    Summary
    A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Architecture Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Electrical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD MAP 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Mechanical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD MEP Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Plant 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk Advance Steel Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk RealDWG Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
        cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk DWG TrueView Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1276",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T03:55:46.650494Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T18:28:17.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Architecture",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Electrical",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD MAP 3D",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Mechanical",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD MEP",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Plant 3D",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Advance Steel",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD LT",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "RealDWG",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "DWG TrueView",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
                }
              ],
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-Bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-07T20:54:16.150Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.autodesk.com/products/autodesk-access/overview"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.autodesk.com/products/dwg-trueview/overview"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2025-1276",
        "datePublished": "2025-04-15T20:55:04.255Z",
        "dateReserved": "2025-02-13T15:16:31.469Z",
        "dateUpdated": "2026-02-26T18:28:17.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-29068 (GCVE-0-2023-29068)

    Vulnerability from nvd – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:41
    VLAI
    Summary
    A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • memory corruption vulnerability
    Assigner
    Impacted products
    Vendor Product Version
    n/a Autodesk products Affected: 2023, 2022, 2021, 2020
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T14:00:14.952Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-29068",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-05T14:41:27.413833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:41:43.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Autodesk products",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2023, 2022, 2021, 2020"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "memory corruption vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-27T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2023-29068",
        "datePublished": "2023-06-27T00:00:00.000Z",
        "dateReserved": "2023-03-30T00:00:00.000Z",
        "dateUpdated": "2024-12-05T14:41:43.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-25004 (GCVE-0-2023-25004)

    Vulnerability from nvd – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:40
    VLAI
    Summary
    A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Integer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    n/a Autodesk products Affected: 2023, 2022, 2021, 2020
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:11:43.391Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-25004",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-05T14:39:57.188378Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:40:18.983Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Autodesk products",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2023, 2022, 2021, 2020"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-27T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2023-25004",
        "datePublished": "2023-06-27T00:00:00.000Z",
        "dateReserved": "2023-02-01T00:00:00.000Z",
        "dateUpdated": "2024-12-05T14:40:18.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-25003 (GCVE-0-2023-25003)

    Vulnerability from nvd – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:10
    VLAI
    Summary
    A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • out-of-bound read write / read
    Assigner
    Impacted products
    Vendor Product Version
    n/a AutoCAD, Maya Affected: 2023, 2022
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:11:43.401Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-25003",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-05T17:09:59.558363Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T17:10:10.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "AutoCAD, Maya",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2023, 2022"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bound read write / read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-23T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2023-25003",
        "datePublished": "2023-06-23T00:00:00.000Z",
        "dateReserved": "2023-02-01T00:00:00.000Z",
        "dateUpdated": "2024-12-05T17:10:10.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40166 (GCVE-0-2021-40166)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Use-After-Free
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40166",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40165 (GCVE-0-2021-40165)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40165",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.537Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40164 (GCVE-0-2021-40164)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Heap-based Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap-based Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40164",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.502Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40163 (GCVE-0-2021-40163)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
    Severity
    No CVSS data available.
    CWE
    • Memory Corruption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40163",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40162 (GCVE-0-2021-40162)

    Vulnerability from nvd – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Out-of-Band Read
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.539Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Band Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40162",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25788 (GCVE-0-2022-25788)

    Vulnerability from nvd – Published: 2022-04-19 20:26 – Updated: 2024-08-03 04:49
    VLAI
    Summary
    A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Out-of-bound Write
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.514Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022.1.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bound Write",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T20:26:31.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@autodesk.com",
              "ID": "CVE-2022-25788",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2022.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bound Write"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
                  "refsource": "MISC",
                  "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2022-25788",
        "datePublished": "2022-04-19T20:26:31.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:49:43.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40159 (GCVE-0-2021-40159)

    Vulnerability from nvd – Published: 2022-01-25 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a Inventor Affected: 2022, 2021, 2020, 2019
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.832Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-282/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-289/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Inventor",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-282/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-289/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40159",
        "datePublished": "2022-01-25T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40158 (GCVE-0-2021-40158)

    Vulnerability from nvd – Published: 2022-01-25 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
    Severity
    No CVSS data available.
    CWE
    • Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    n/a Inventor Affected: 2022, 2021, 2020, 2019
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-287/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-283/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-288/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-286/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-284/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-285/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-281/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-449/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-441/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-453/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-444/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-447/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-448/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-452/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-445/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-466/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-451/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-454/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-443/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-450/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-455/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Inventor",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-287/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-283/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-288/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-286/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-284/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-285/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-281/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-449/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-441/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-453/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-444/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-447/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-448/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-452/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-445/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-466/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-451/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-454/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-443/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-450/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-455/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40158",
        "datePublished": "2022-01-25T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.854Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-4710 (GCVE-0-2005-4710)

    Vulnerability from nvd – Published: 2006-02-10 11:00 – Updated: 2024-08-07 23:53
    VLAI
    Summary
    Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://usa.autodesk.com/adsk/servlet/ps/dl/item?s… x_refsource_CONFIRM
    http://secunia.com/advisories/18682 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/16472 vdb-entryx_refsource_BID
    Date Public
    2005-10-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:53:28.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
              },
              {
                "name": "18682",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18682"
              },
              {
                "name": "autodesk-gain-privileges(24460)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
              },
              {
                "name": "16472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16472"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-10-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
            },
            {
              "name": "18682",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18682"
            },
            {
              "name": "autodesk-gain-privileges(24460)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
            },
            {
              "name": "16472",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16472"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-4710",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232",
                  "refsource": "CONFIRM",
                  "url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
                },
                {
                  "name": "18682",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18682"
                },
                {
                  "name": "autodesk-gain-privileges(24460)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
                },
                {
                  "name": "16472",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16472"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-4710",
        "datePublished": "2006-02-10T11:00:00.000Z",
        "dateReserved": "2006-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:53:28.986Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-5039 (GCVE-0-2025-5039)

    Vulnerability from cvelistv5 – Published: 2025-07-24 17:11 – Updated: 2026-05-28 19:50
    VLAI
    Title
    Privilege Ecalation due to Untrusted Search Path Vulnerability
    Summary
    A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk RealDWG Affected: 2026 , < 2026.0.2 (custom)
        cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk 3ds Max Affected: 2027 , < 2027.1 (custom)
    Affected: 2026 , < 2026.3.3 (custom)
        cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5039",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-25T03:55:31.845753Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:15.076Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2026.1",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD LT",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2026.1",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "RealDWG",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2026.0.2",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "3ds Max",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2027.1",
                  "status": "affected",
                  "version": "2027",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2026.3.3",
                  "status": "affected",
                  "version": "2026",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
                }
              ],
              "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-38",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-426",
                  "description": "CWE-426 Untrusted Search Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T19:50:20.274Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.autodesk.com/products/autodesk-access/overview"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2025-5039",
        "datePublished": "2025-07-24T17:11:14.714Z",
        "dateReserved": "2025-05-21T13:00:59.147Z",
        "dateUpdated": "2026-05-28T19:50:20.274Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-1276 (GCVE-0-2025-1276)

    Vulnerability from cvelistv5 – Published: 2025-04-15 20:55 – Updated: 2026-02-26 18:28
    VLAI
    Title
    DWG File Parsing Out-of-Bounds Write Vulnerability
    Summary
    A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Architecture Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Electrical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD MAP 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Mechanical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD MEP Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD Plant 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk Advance Steel Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk RealDWG Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
        cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*
    Create a notification for this product.
    Autodesk DWG TrueView Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1276",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-18T03:55:46.650494Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T18:28:17.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Architecture",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Electrical",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD MAP 3D",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Mechanical",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD MEP",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD Plant 3D",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Advance Steel",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "AutoCAD LT",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "RealDWG",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
                "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "DWG TrueView",
              "vendor": "Autodesk",
              "versions": [
                {
                  "lessThan": "2025.1.2",
                  "status": "affected",
                  "version": "2025",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2024.1.7",
                  "status": "affected",
                  "version": "2024",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2023.1.7",
                  "status": "affected",
                  "version": "2023",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
                }
              ],
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-100",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-100 Overflow Buffers"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-Bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-07T20:54:16.150Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.autodesk.com/products/autodesk-access/overview"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.autodesk.com/products/dwg-trueview/overview"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2025-1276",
        "datePublished": "2025-04-15T20:55:04.255Z",
        "dateReserved": "2025-02-13T15:16:31.469Z",
        "dateUpdated": "2026-02-26T18:28:17.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-25004 (GCVE-0-2023-25004)

    Vulnerability from cvelistv5 – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:40
    VLAI
    Summary
    A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Integer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    n/a Autodesk products Affected: 2023, 2022, 2021, 2020
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:11:43.391Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-25004",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-05T14:39:57.188378Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:40:18.983Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Autodesk products",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2023, 2022, 2021, 2020"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Integer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-27T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2023-25004",
        "datePublished": "2023-06-27T00:00:00.000Z",
        "dateReserved": "2023-02-01T00:00:00.000Z",
        "dateUpdated": "2024-12-05T14:40:18.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-29068 (GCVE-0-2023-29068)

    Vulnerability from cvelistv5 – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:41
    VLAI
    Summary
    A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • memory corruption vulnerability
    Assigner
    Impacted products
    Vendor Product Version
    n/a Autodesk products Affected: 2023, 2022, 2021, 2020
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T14:00:14.952Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-29068",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-05T14:41:27.413833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T14:41:43.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Autodesk products",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2023, 2022, 2021, 2020"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "memory corruption vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-27T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2023-29068",
        "datePublished": "2023-06-27T00:00:00.000Z",
        "dateReserved": "2023-03-30T00:00:00.000Z",
        "dateUpdated": "2024-12-05T14:41:43.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-25003 (GCVE-0-2023-25003)

    Vulnerability from cvelistv5 – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:10
    VLAI
    Summary
    A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • out-of-bound read write / read
    Assigner
    Impacted products
    Vendor Product Version
    n/a AutoCAD, Maya Affected: 2023, 2022
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:11:43.401Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-25003",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-05T17:09:59.558363Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-05T17:10:10.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "AutoCAD, Maya",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2023, 2022"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bound read write / read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-23T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2023-25003",
        "datePublished": "2023-06-23T00:00:00.000Z",
        "dateReserved": "2023-02-01T00:00:00.000Z",
        "dateUpdated": "2024-12-05T17:10:10.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40162 (GCVE-0-2021-40162)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Out-of-Band Read
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.539Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Band Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40162",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40163 (GCVE-0-2021-40163)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.
    Severity
    No CVSS data available.
    CWE
    • Memory Corruption
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40163",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40165 (GCVE-0-2021-40165)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Buffer Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40165",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.537Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40164 (GCVE-0-2021-40164)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Heap-based Overflow
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap-based Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40164",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.502Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40166 (GCVE-0-2021-40166)

    Vulnerability from cvelistv5 – Published: 2022-10-07 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Use-After-Free
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use-After-Free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40166",
        "datePublished": "2022-10-07T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25788 (GCVE-0-2022-25788)

    Vulnerability from cvelistv5 – Published: 2022-04-19 20:26 – Updated: 2024-08-03 04:49
    VLAI
    Summary
    A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
    Severity
    No CVSS data available.
    CWE
    • Out-of-bound Write
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:49:43.514Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022.1.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bound Write",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T20:26:31.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@autodesk.com",
              "ID": "CVE-2022-25788",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2022.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bound Write"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002",
                  "refsource": "MISC",
                  "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2022-25788",
        "datePublished": "2022-04-19T20:26:31.000Z",
        "dateReserved": "2022-02-22T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:49:43.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40159 (GCVE-0-2021-40159)

    Vulnerability from cvelistv5 – Published: 2022-01-25 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    Impacted products
    Vendor Product Version
    n/a Inventor Affected: 2022, 2021, 2020, 2019
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.832Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-282/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-289/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Inventor",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-282/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-289/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40159",
        "datePublished": "2022-01-25T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-40158 (GCVE-0-2021-40158)

    Vulnerability from cvelistv5 – Published: 2022-01-25 00:00 – Updated: 2024-08-04 02:27
    VLAI
    Summary
    A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
    Severity
    No CVSS data available.
    CWE
    • Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    n/a Inventor Affected: 2022, 2021, 2020, 2019
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:27:31.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-287/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-283/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-288/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-286/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-284/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-285/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-281/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-449/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-441/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-453/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-444/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-447/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-448/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-452/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-445/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-466/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-451/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-454/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-443/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-450/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-455/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Inventor",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "2022, 2021, 2020, 2019"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 and AutoCAD 2022 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
            "shortName": "autodesk"
          },
          "references": [
            {
              "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-287/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-283/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-288/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-286/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-284/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-285/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-281/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-449/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-441/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-453/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-444/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-447/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-448/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-452/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-445/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-466/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-451/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-454/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-443/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-450/"
            },
            {
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-455/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "assignerShortName": "autodesk",
        "cveId": "CVE-2021-40158",
        "datePublished": "2022-01-25T00:00:00.000Z",
        "dateReserved": "2021-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-04T02:27:31.854Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-4710 (GCVE-0-2005-4710)

    Vulnerability from cvelistv5 – Published: 2006-02-10 11:00 – Updated: 2024-08-07 23:53
    VLAI
    Summary
    Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer," aka ID DL5549329.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://usa.autodesk.com/adsk/servlet/ps/dl/item?s… x_refsource_CONFIRM
    http://secunia.com/advisories/18682 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/16472 vdb-entryx_refsource_BID
    Date Public
    2005-10-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:53:28.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
              },
              {
                "name": "18682",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18682"
              },
              {
                "name": "autodesk-gain-privileges(24460)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
              },
              {
                "name": "16472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16472"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-10-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
            },
            {
              "name": "18682",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18682"
            },
            {
              "name": "autodesk-gain-privileges(24460)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
            },
            {
              "name": "16472",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16472"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-4710",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to \"gain inappropriate access to another local user\u0027s computer,\" aka ID DL5549329."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232",
                  "refsource": "CONFIRM",
                  "url": "http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112\u0026id=5549329\u0026linkID=4183232"
                },
                {
                  "name": "18682",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18682"
                },
                {
                  "name": "autodesk-gain-privileges(24460)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24460"
                },
                {
                  "name": "16472",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16472"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-4710",
        "datePublished": "2006-02-10T11:00:00.000Z",
        "dateReserved": "2006-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:53:28.986Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }