PT-2022-26674 · Autodesk · Autodesk Maya
Published
2022-12-19
·
Updated
2023-04-17
·
CVE-2022-42947
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Autodesk Maya versions 2022 through 2023
Description
A maliciously crafted X B file can be used to write beyond the allocated buffer when parsed through Autodesk Maya. This issue can lead to arbitrary code execution.
Recommendations
For Autodesk Maya version 2022, update to a version that fixes the out-of-bounds write issue.
For Autodesk Maya version 2023, update to a version that fixes the out-of-bounds write issue.
As a temporary workaround, consider restricting the use of X B files in Autodesk Maya until a patch is available.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Autodesk Maya