PT-2022-18654 · Autodesk · Autodesk Autocad

Published: 2022-06-21 · Updated: 2022-06-30 · CVE-2022-27868

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD version 2023

Description: The issue is related to a use-after-free vulnerability that can be triggered by a maliciously crafted CAT file in Autodesk AutoCAD. This vulnerability may lead to code execution when exploited.

Recommendations: For Autodesk AutoCAD version 2023, consider restricting the use of CAT files from untrusted sources until a patch is available. As a temporary workaround, avoid opening maliciously crafted CAT files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free


Weakness Enumeration

Related Identifiers

CVE-2022-27868
ZDI-22-944

Affected Products

Autodesk Autocad