Vulnerabilities > CVE-2022-27528 - Use After Free vulnerability in Autodesk Navisworks 2022/2022.1

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
autodesk
CWE-416

Summary

A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.

Vulnerable Configurations

Part Description Count
Application
Autodesk
2

Common Weakness Enumeration (CWE)