CVE-2022-27524

Name of the Vulnerable Software and Affected Versions Autodesk TrueView version 2022

Description The issue is caused by an out-of-bounds read in the handling of maliciously crafted DWG files, potentially leading to exposure of sensitive information or a crash. In conjunction with other issues, this could result in code execution within the context of the current process. The vulnerability can be exploited by using a specially crafted DWG file as input, allowing an attacker to potentially execute arbitrary code.

Recommendations For Autodesk TrueView version 2022, consider avoiding the use of potentially malicious DWG files until a fix is available. As a temporary workaround, restrict the opening of untrusted DWG files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.