PT-2021-4402 · Autodesk · Autodesk Navisworks

Published

2021-09-14

Updated

2021-09-28

CVE-2021-27046

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Autodesk Navisworks versions 2019 through 2022

Description The issue is related to a Memory Corruption vulnerability when handling PDF files, potentially allowing code execution through maliciously crafted DLL files. This vulnerability may be exploited by loading arbitrary DLL files, leading to code execution.

Recommendations For Autodesk Navisworks versions 2019 through 2022, update to a version that includes the fix for this issue to prevent potential code execution through malicious PDF files.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2021-05032

CVE-2021-27046

ZDI-21-1063

Affected Products

Autodesk Navisworks

PT-2021-4402 · Autodesk · Autodesk Navisworks

CVE-2021-27046

Weakness Enumeration

Related Identifiers

Affected Products

References · 6