← Back

CVE-2021-27040

nvd nist
Published: Jun 25, 2021Modified: Nov 21, 2024

JSON object

Loading...
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code.

Affected (43)

Autodesk
11 products
Advance Steel
Autocad
Autocad Architecture
Autocad Electrical
Autocad Lt
Autocad Map 3d
Autocad Mechanical
Autocad Mep
Autocad Plant 3d
Civil 3d
Dwg Trueview
Iconics
1 product
Genesis64
Mitsubishielectric
1 product
Mc Works64
Configuration A
41 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Advance Steel
From 2019 to 2019.1.3
Advance Steel
From 2020 to 2020.1.4
Advance Steel
From 2021 to 2021.1.1
Advance Steel
From 2022 to 2022.0.1
Autodesk
Autocad
From 2019 to 2019.1.3
Autocad
From 2020 to 2020.1.4
Autocad
From 2021 to 2021.1.1
Autocad
From 2022 to 2022.0.1
Autodesk
Autocad Architecture
From 2019 to 2019.1.3
Autocad Architecture
From 2020 to 2020.1.4
Autocad Architecture
From 2021 to 2021.1.1
Autocad Architecture
From 2022 to 2022.0.1
Autodesk
Autocad Electrical
From 2019 to 2019.1.3
Autocad Electrical
From 2020 to 2020.1.4
Autocad Electrical
From 2021 to 2021.1.1
Autocad Electrical
From 2022 to 2022.0.1
Autodesk
Autocad Lt
From 2019 to 2019.1.3
Autocad Lt
From 2020 to 2020.1.4
Autocad Lt
From 2021 to 2021.1.1
Autocad Lt
From 2022 to 2022.0.1
Autodesk
Autocad Map 3d
From 2019 to 2019.1.3
Autocad Map 3d
From 2020 to 2020.1.4
Autocad Map 3d
From 2021 to 2021.1.1
Autocad Map 3d
From 2022 to 2022.0.1
Autodesk
Autocad Mechanical
From 2019 to 2019.1.3
Autocad Mechanical
From 2020 to 2020.1.4
Autocad Mechanical
From 2021 to 2021.1.1
Autocad Mechanical
From 2022 to 2022.0.1
Autodesk
Autocad Mep
From 2019 to 2019.1.3
Autocad Mep
From 2020 to 2020.1.4
Autocad Mep
From 2021 to 2021.1.1
Autocad Mep
From 2022 to 2022.0.1
Autodesk
Autocad Plant 3d
From 2019 to 2019.1.3
Autocad Plant 3d
From 2020 to 2020.1.4
Autocad Plant 3d
From 2021 to 2021.1.1
Autocad Plant 3d
From 2022 to 2022.0.1
Autodesk
Civil 3d
From 2019 to 2019.1.3
Civil 3d
From 2020 to 2020.1.4
Civil 3d
From 2021 to 2021.1.1
Civil 3d
From 2022 to 2022.0.1
Dwg Trueview
From 2022 to 2022.1.1
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Genesis64
Up to 10.97
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Mc Works64
Up to 4.04e

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (10)

Source: psirt@autodesk.com
Vendor Advisory
Source: psirt@autodesk.com
Third Party AdvisoryVDB Entry
Source: psirt@autodesk.com
Third Party AdvisoryVDB Entry
Source: psirt@autodesk.com
Third Party AdvisoryVDB Entry
Source: psirt@autodesk.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.