CVE-2019-7364

Name of the Vulnerable Software and Affected Versions Autodesk Advanced Steel versions 2017 through 2020 Autodesk Civil 3D versions 2017 through 2020 Autodesk AutoCAD versions 2017 through 2020 Autodesk AutoCAD LT versions 2017 through 2020 Autodesk AutoCAD Architecture versions 2017 through 2020 Autodesk AutoCAD Electrical versions 2017 through 2020 Autodesk AutoCAD Map 3D versions 2017 through 2020 Autodesk AutoCAD Mechanical versions 2017 through 2020 Autodesk AutoCAD MEP versions 2017 through 2020 Autodesk AutoCAD Plant 3D versions 2017 through 2020 Autodesk AutoCAD P&ID version 2017

Description The issue is related to a DLL preloading vulnerability. An attacker may trick a user into opening a malicious DWG file, which could leverage this vulnerability and result in code execution.

Recommendations For Autodesk Advanced Steel versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk Civil 3D versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD LT versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD Architecture versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD Electrical versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD Map 3D versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD Mechanical versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD MEP versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD Plant 3D versions 2017 through 2020, update to a version that includes a fix for the DLL preloading vulnerability. For Autodesk AutoCAD P&ID version 2017, update to a version that includes a fix for the DLL preloading vulnerability. As a temporary workaround, consider avoiding the use of untrusted DWG files until a patch is available.