PT-2022-18471 · Autodesk · Autodesk 3Ds Max

Published

2022-06-16

Updated

2022-06-27

CVE-2022-27531

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Autodesk 3ds Max versions 2021 through 2022

Description A maliciously crafted TIF file can be forced to read beyond allocated boundaries when parsing the TIF files. This issue, in conjunction with other vulnerabilities, could lead to code execution in the context of the current process.

Recommendations For Autodesk 3ds Max version 2021, update to a version that fixes this issue. For Autodesk 3ds Max version 2022, update to a version that fixes this issue. As a temporary workaround, consider restricting the parsing of TIF files until a patch is available.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2022-27531

Affected Products

Autodesk 3Ds Max

PT-2022-18471 · Autodesk · Autodesk 3Ds Max

CVE-2022-27531

Weakness Enumeration

Related Identifiers

Affected Products

References · 5