PT-2022-18472 · Autodesk · Autodesk 3Ds Max

Published

2022-05-10

Updated

2022-06-27

CVE-2022-27532

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Autodesk 3ds Max versions 2021 through 2022

Description A maliciously crafted TIF file can be used to write beyond the allocated buffer while parsing TIF files. This issue, in conjunction with other vulnerabilities, could lead to arbitrary code execution.

Recommendations For versions 2021 and 2022, update to a version that includes a fix for the TIF file parsing issue to prevent arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-27532

ZDI-22-719

ZDI-22-720

ZDI-22-721

Affected Products

Autodesk 3Ds Max

PT-2022-18472 · Autodesk · Autodesk 3Ds Max

CVE-2022-27532

Weakness Enumeration

Related Identifiers

Affected Products

References · 8