1.5.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

autodesk

CWE-787

NVD

Published: 2021-04-19

Updated: 2021-09-16

Summary

A Memory Corruption Vulnerability in Autodesk FBX Review version 1.5.0 and prior may lead to remote code execution through maliciously crafted DLL files.

Vulnerable Configurations

Part	Description	Count
Application	Autodesk Autodesk FBX Review - Autodesk FBX Review 1.4.0 Autodesk FBX Review 1.4.1.0 Autodesk FBX Review 1.5.0	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001
https://www.zerodayinitiative.com/advisories/ZDI-21-465/
https://www.zerodayinitiative.com/advisories/ZDI-21-467/