Vulnerabilities > CVE-2022-41303 - Use After Free vulnerability in Autodesk FBX Software Development KIT 2020.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

autodesk

CWE-416

NVD

Published: 2022-10-14

Updated: 2022-10-19

Summary

A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory location controlled by an unauthorized third party, thereby running arbitrary code on the system.

Vulnerable Configurations

Part	Description	Count
Application	Autodesk Autodesk FBX Software Development KIT 2020.0	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022