Vulnerabilities > CVE-2021-40163 - Out-of-bounds Write vulnerability in Autodesk products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

autodesk

CWE-787

NVD

Published: 2022-10-07

Updated: 2022-10-11

Summary

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.

Vulnerable Configurations

Part	Description	Count
Application	Autodesk Autodesk Revit 2022 Autodesk Revit 2021 Autodesk Revit 2021.1.1 Autodesk Revit 2021.1.2 Autodesk Revit 2021.1.3 Autodesk Revit 2021.1.4 Autodesk Revit 2020 Autodesk Revit 2020.2.5 Autodesk Revit * Autodesk Inventor 2022 Autodesk Inventor 2021 Autodesk Inventor 2020 Autodesk Inventor 2019 Autodesk Autocad 2022 Autodesk Autocad 2022.0.1 Autodesk Autocad 2022.1 Autodesk Autocad 2019 Autodesk Autocad 2019.1.3 Autodesk Autocad 2020 Autodesk Autocad 2020.1.4 Autodesk Autocad 2021 Autodesk Autocad 2021.1.1 Autodesk Autocad Architecture 2022 Autodesk Autocad Architecture 2022.0.1 Autodesk Autocad Architecture 2019 Autodesk Autocad Architecture 2019.1.3 Autodesk Autocad Architecture 2020 Autodesk Autocad Architecture 2020.1.4 Autodesk Autocad Architecture 2021 Autodesk Autocad Architecture 2021.1.1 Autodesk Autocad Electrical 2022 Autodesk Autocad Electrical 2022.0.1 Autodesk Autocad Electrical 2019 Autodesk Autocad Electrical 2019.1.3 Autodesk Autocad Electrical 2020 Autodesk Autocad Electrical 2020.1.4 Autodesk Autocad Electrical 2021 Autodesk Autocad Electrical 2021.1.1 Autodesk Autocad MAP 3D 2022 Autodesk Autocad MAP 3D 2022.0.1 Autodesk Autocad MAP 3D 2021 Autodesk Autocad MAP 3D 2021.1.1 Autodesk Autocad MAP 3D 2020 Autodesk Autocad MAP 3D 2020.1.4 Autodesk Autocad MAP 3D 2019 Autodesk Autocad MAP 3D 2019.1.3 Autodesk Autocad Mechanical 2022 Autodesk Autocad Mechanical 2022.0.1 Autodesk Autocad Mechanical 2019 Autodesk Autocad Mechanical 2019.1.3 Autodesk Autocad Mechanical 2020 Autodesk Autocad Mechanical 2020.1.4 Autodesk Autocad Mechanical 2021 Autodesk Autocad Mechanical 2021.1.1 Autodesk Autocad MEP 2022 Autodesk Autocad MEP 2022.0.1 Autodesk Autocad MEP 2021 Autodesk Autocad MEP 2021.1.1 Autodesk Autocad MEP 2020 Autodesk Autocad MEP 2020.1.4 Autodesk Autocad MEP 2019 Autodesk Autocad MEP 2019.1.3 Autodesk Autocad Plant 3D 2022 Autodesk Autocad Plant 3D 2022.0.1 Autodesk Autocad Plant 3D 2019 Autodesk Autocad Plant 3D 2019.1.3 Autodesk Autocad Plant 3D 2020 Autodesk Autocad Plant 3D 2020.1.4 Autodesk Autocad Plant 3D 2021 Autodesk Autocad Plant 3D 2021.1.1 Autodesk Autocad LT 2022 Autodesk Autocad LT 2022.0.1 Autodesk Autocad LT 2022.1 Autodesk Autocad LT 2021 Autodesk Autocad LT 2021.1.1 Autodesk Autocad LT 2020 Autodesk Autocad LT 2020.1.4 Autodesk Autocad LT 2019 Autodesk Autocad LT 2019.1.3 Autodesk Autocad LT 2021.1.2 Autodesk Autocad LT 2020.2.1 Autodesk Design Review 2018 Autodesk DWG Trueview 2022 Autodesk DWG Trueview 2019 Autodesk DWG Trueview 2020 Autodesk DWG Trueview 2021 Autodesk Navisworks 2022 Autodesk Navisworks 2022.1 Autodesk Navisworks 2021 Autodesk Navisworks 2021.1 Autodesk Navisworks 2021.2 Autodesk Navisworks 2021.3 Autodesk Navisworks 2020 Autodesk Navisworks 2020.1 Autodesk Navisworks 2020.2 Autodesk Navisworks 2020.3 Autodesk Navisworks 2020.4 Autodesk Navisworks 2019 Autodesk Navisworks 2019.3 Autodesk Navisworks 2019.4 Autodesk Navisworks 2019.6 Autodesk Infraworks 2019.3 Autodesk Infraworks * Autodesk Infraworks 2020.2 Autodesk Infraworks 2021.2 Autodesk Infraworks 2021.0 Autodesk Infraworks 2021.1 Autodesk Infraworks 2022.0 Autodesk Infraworks 2022.1 Autodesk Autocad Civil 3D 2021 Autodesk Autocad Civil 3D 2022 Autodesk Autocad Civil 3D 2020 Autodesk Autocad Civil 3D 2019 Autodesk Autocad Advance Steel 2022 Autodesk Autocad Advance Steel 2021 Autodesk Autocad Advance Steel 2020 Autodesk Autocad Advance Steel 2019 Autodesk Storm AND Sanitary Analysis * Autodesk Storm AND Sanitary Analysis 2022 Autodesk Storm AND Sanitary Analysis 2019 Autodesk Infrastructure Parts Editor 2022 Autodesk Infrastructure Parts Editor 2021 Autodesk Infrastructure Parts Editor * Autodesk Fusion *	144

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011