CVE-2022-33889

{"id": "CVE-2022-33889", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-10-03T15:15:17.633", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0021", "tags": ["Vendor Advisory"], "source": "psirt@autodesk.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution."}, {"lang": "es", "value": "Un archivo GIF o JPEG dise\u00f1ado de forma maliciosa cuando es analizado mediante Autodesk Design Review versi\u00f3n 2018 y AutoCAD versiones 2023 y 2022, podr\u00eda usarse para escribir m\u00e1s all\u00e1 del b\u00fafer de la pila asignado. Esta vulnerabilidad podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario"}], "lastModified": "2022-10-05T13:21:50.967", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F867A29B-ABEA-40D8-9252-9129DBC4EEEC", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "480910B3-5FD0-47EF-98BA-FDFE22945BB0", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "354E7B7A-22BA-4EB2-B136-9622A8032167", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91A206DF-6922-4CF8-9481-E6A4A2953753", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0381CFD-48B1-4BA4-9961-64544267F852", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "729710F9-F4F9-4466-8FA2-22A0C0CF9420", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CEE7EBE-109D-43EC-9411-8169E589670A", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1C62E65-FD27-478A-A472-FBDA4C751BB5", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF33C631-4C2E-4A18-B5E8-A2037BF29196", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1A13743-F25B-47BC-902A-E7ADB9ACA577", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42E5B8D3-9B23-4DC0-B7CE-BB7EC8D981F0", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20E3E3AA-051D-44E2-BD4A-8EBFCFD11C8C", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ACB4E3C-FE40-4416-8484-A3A3B6883286", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA7C36AC-ED97-4669-AD61-75AA00F0385C", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3107206-44ED-45CB-A218-AC8E12CD4409", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F4ADAD1-5627-4BD2-A72B-DEC95415261F", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3357899-6803-4D09-94F0-7A633DB05E85", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FDA3E45-B980-4715-80CC-C29B4A3900C3", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AC1E832-B725-4F72-812F-000ADE262DEA", "versionEndExcluding": "2022.1.3"}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A20490C-CDFD-4FCE-B5E3-1F2F78A0C531", "versionEndExcluding": "2023.1.1", "versionStartIncluding": "2023.0.0"}, {"criteria": "cpe:2.3:a:autodesk:design_review:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "376B6A4F-8AF5-4D6E-B39C-2E99F7A81BCD", "versionEndExcluding": "2018"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "100922EF-C773-4798-B352-B16FCAD48F36"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C7E8CE3-8A75-4357-8722-17E2CE2378CC"}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41A96F19-544E-471F-B6BF-9CC8E9403A2A"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@autodesk.com"}