← back
CVE-2021-27040

CVE-2021-27040

EPSS 2.7%
A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code.
Affected products
n/a · Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0004https://www.zerodayinitiative.com/advisories/ZDI-21-1236/https://www.zerodayinitiative.com/advisories/ZDI-21-1238/https://www.zerodayinitiative.com/advisories/ZDI-22-378/https://www.zerodayinitiative.com/advisories/ZDI-22-473/