← back
CVE-2022-25790

CVE-2022-25790

EPSS 1.4%
A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution.
Affected products
n/a · Autodesk Navisworks, Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0005