PT-2021-3513 · Autodesk · Autodesk Design Review

Published: 2021-01-29 · Updated: 2022-09-12 · CVE-2021-27038

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Autodesk Design Review versions 2011 through 2018

Description: A Type Confusion issue occurs when processing a maliciously crafted PDF file, allowing a malicious actor to execute arbitrary code. The vulnerability is related to errors in data type conversion during PDF file parsing.

Recommendations: For Autodesk Design Review versions 2011 through 2018, update to a version that includes a fix for this issue. As a temporary workaround, consider avoiding the processing of PDF files from untrusted sources until a patch is available. Restrict access to the PDF parsing functionality to minimize the risk of exploitation.

Fix

Type Confusion

Weakness Enumeration

Related Identifiers

BDU:2021-03562
CVE-2021-27038
ZDI-21-1317
ZDI-21-718

Affected Products

Autodesk Design Review