Vulnerabilities > CVE-2021-40161 - Out-of-bounds Write vulnerability in Autodesk products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

autodesk

CWE-787

NVD

Published: 2021-12-23

Updated: 2023-08-08

Summary

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.

Vulnerable Configurations

Part	Description	Count
Application	Autodesk Autodesk Revit - Autodesk Revit 7 Autodesk Revit 8 Autodesk Revit 2020 Autodesk Revit 2021 Autodesk Revit 2021.1.4 Autodesk Revit 2022 Autodesk Revit 2022.1 Autodesk Navisworks 2020 Autodesk Navisworks 2021 Autodesk Navisworks 2022 Autodesk Navisworks 2019 Autodesk Advance Steel 2022 Autodesk Advance Steel 2022.0.1 Autodesk Advance Steel 2020 Autodesk Advance Steel 2020.1.4 Autodesk Advance Steel 2021 Autodesk Advance Steel 2021.1.1 Autodesk Advance Steel 2017 Autodesk Advance Steel 2018 Autodesk Advance Steel 2019 Autodesk Advance Steel 2019.1.3 Autodesk Autocad 2022 Autodesk Autocad 2022.0.1 Autodesk Autocad 2022.1 Autodesk Autocad 2020 Autodesk Autocad 2020.1.4 Autodesk Autocad 2021 Autodesk Autocad 2021.1.1 Autodesk Autocad - Autodesk Autocad 6.0 Autodesk Autocad 2005 Autodesk Autocad 2006 Autodesk Autocad 2007 Autodesk Autocad 2010 Autodesk Autocad 2017 Autodesk Autocad 2018 Autodesk Autocad 2019 Autodesk Autocad 2019.1.3 Autodesk Autocad Architecture 2022 Autodesk Autocad Architecture 2022.0.1 Autodesk Autocad Architecture 2020 Autodesk Autocad Architecture 2020.1.4 Autodesk Autocad Architecture 2021 Autodesk Autocad Architecture 2021.1.1 Autodesk Autocad Architecture 2017 Autodesk Autocad Architecture 2018 Autodesk Autocad Architecture 2019 Autodesk Autocad Architecture 2019.1.3 Autodesk Autocad Electrical 2022 Autodesk Autocad Electrical 2022.0.1 Autodesk Autocad Electrical 2020 Autodesk Autocad Electrical 2020.1.4 Autodesk Autocad Electrical 2021 Autodesk Autocad Electrical 2021.1.1 Autodesk Autocad Electrical - Autodesk Autocad Electrical 2005 Autodesk Autocad Electrical 2006 Autodesk Autocad Electrical 2017 Autodesk Autocad Electrical 2018 Autodesk Autocad Electrical 2019 Autodesk Autocad Electrical 2019.1.3 Autodesk Autocad MAP 3D 2022 Autodesk Autocad MAP 3D 2022.0.1 Autodesk Autocad MAP 3D 2021 Autodesk Autocad MAP 3D 2021.1.1 Autodesk Autocad MAP 3D 2020 Autodesk Autocad MAP 3D 2020.1.4 Autodesk Autocad MAP 3D 2017 Autodesk Autocad MAP 3D 2018 Autodesk Autocad MAP 3D 2019 Autodesk Autocad MAP 3D 2019.1.3 Autodesk Autocad Mechanical 2022 Autodesk Autocad Mechanical 2022.0.1 Autodesk Autocad Mechanical 2020 Autodesk Autocad Mechanical 2020.1.4 Autodesk Autocad Mechanical 2021 Autodesk Autocad Mechanical 2021.1.1 Autodesk Autocad Mechanical - Autodesk Autocad Mechanical 2005 Autodesk Autocad Mechanical 2006 Autodesk Autocad Mechanical 2017 Autodesk Autocad Mechanical 2018 Autodesk Autocad Mechanical 2019 Autodesk Autocad Mechanical 2019.1.3 Autodesk Autocad MEP 2022 Autodesk Autocad MEP 2022.0.1 Autodesk Autocad MEP 2021 Autodesk Autocad MEP 2021.1.1 Autodesk Autocad MEP 2020 Autodesk Autocad MEP 2020.1.4 Autodesk Autocad MEP 2017 Autodesk Autocad MEP 2018 Autodesk Autocad MEP 2019 Autodesk Autocad MEP 2019.1.3 Autodesk Autocad Plant 3D 2022 Autodesk Autocad Plant 3D 2022.0.1 Autodesk Autocad Plant 3D 2020 Autodesk Autocad Plant 3D 2020.1.4 Autodesk Autocad Plant 3D 2021 Autodesk Autocad Plant 3D 2021.1.1 Autodesk Autocad Plant 3D 2017 Autodesk Autocad Plant 3D 2018 Autodesk Autocad Plant 3D 2019 Autodesk Autocad Plant 3D 2019.1.3 Autodesk Autocad LT 2022 Autodesk Autocad LT 2022.0.1 Autodesk Autocad LT 2022.1 Autodesk Autocad LT 2021 Autodesk Autocad LT 2021.1.1 Autodesk Autocad LT 2020 Autodesk Autocad LT 2020.1.4 Autodesk Autocad LT - Autodesk Autocad LT 95 Autodesk Autocad LT 97 Autodesk Autocad LT 98 Autodesk Autocad LT 2000 Autodesk Autocad LT 2000I Autodesk Autocad LT 2002 Autodesk Autocad LT 2004 Autodesk Autocad LT 2005 Autodesk Autocad LT 2006 Autodesk Autocad LT 2007 Autodesk Autocad LT 2008 Autodesk Autocad LT 2009 Autodesk Autocad LT 2010 Autodesk Autocad LT 2011 Autodesk Autocad LT 2012 Autodesk Autocad LT 2017 Autodesk Autocad LT 2018 Autodesk Autocad LT 2019 Autodesk Autocad LT 2019.1.3 Autodesk Civil 3D 2022 Autodesk Civil 3D 2022.0.1 Autodesk Civil 3D 2022.1.1 Autodesk Civil 3D 2020 Autodesk Civil 3D 2020.1.4 Autodesk Civil 3D 2021 Autodesk Civil 3D 2021.1.1 Autodesk Civil 3D 2017 Autodesk Civil 3D 2018 Autodesk Civil 3D 2019 Autodesk Civil 3D 2019.1.3 Autodesk Design Review 2018	191

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010