← Back

CVE-2021-40161

nvd nist
Published: Dec 23, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.

Affected (59)

Autodesk
13 products
Revit
Navisworks
Advance Steel
Autocad
Autocad Architecture
Autocad Electrical
Autocad Map 3d
Autocad Mechanical
Autocad Mep
Autocad Plant 3d
Autocad Lt
Civil 3d
Design Review
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Revit
Before 2020.2.5
Revit
From 2021 to 2021.1.6
Revit
From 2022 to 2022.1.2
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Navisworks
Before 2019.6
Navisworks
From 2020 to 2020.4
Navisworks
From 2021 to 2021.3
Navisworks
From 2022 to 2022.2
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Advance Steel
Before 2019.1.4
Advance Steel
From 2020 to 2020.1.5
Advance Steel
From 2021 to 2021.1.2
Advance Steel
From 2022 to 2022.1.2
Configuration D
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad
Before 2019.1.4
Autocad
From 2020 to 2020.1.5
Autocad
From 2021 to 2021.1.2
Autocad
From 2022 to 2022.1.2
Configuration E
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Architecture
Before 2019.1.4
Autocad Architecture
From 2020 to 2020.1.5
Autocad Architecture
From 2021 to 2021.1.2
Autocad Architecture
From 2022 to 2022.1.2
Configuration F
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Electrical
Before 2019.1.4
Autocad Electrical
From 2020 to 2020.1.5
Autocad Electrical
From 2021 to 2021.1.2
Autocad Electrical
From 2022 to 2022.1.2
Configuration G
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Map 3d
Before 2019.1.4
Autocad Map 3d
From 2020 to 2020.1.5
Autocad Map 3d
From 2021 to 2021.1.2
Autocad Map 3d
From 2022 to 2022.1.2
Configuration H
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Mechanical
Before 2019.1.4
Autocad Mechanical
From 2020 to 2020.1.5
Autocad Mechanical
From 2021 to 2021.1.2
Autocad Mechanical
From 2022 to 2022.1.2
Configuration I
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Mep
Before 2019.1.4
Autocad Mep
From 2020 to 2020.1.5
Autocad Mep
From 2021 to 2021.1.2
Autocad Mep
From 2022 to 2022.1.2
Configuration J
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Plant 3d
Before 2019.1.4
Autocad Plant 3d
From 2020 to 2020.1.5
Autocad Plant 3d
From 2021 to 2021.1.2
Autocad Plant 3d
From 2022 to 2022.1.2
Configuration K
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Lt
Before 2019.1.4
Autocad Lt
From 2020 to 2020.1.5
Autocad Lt
From 2021 to 2021.1.2
Autocad Lt
From 2022 to 2022.1.2
Configuration L
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Civil 3d
Before 2019.1.4
Civil 3d
From 2020 to 2020.1.5
Civil 3d
From 2021 to 2021.1.2
Civil 3d
From 2022 to 2022.1.2
Configuration M
4 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad
After 2022 to 2022.2
Autocad
Version 2020
Autocad
Version 2021
Autocad
Version 2022
Configuration N
3 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Autocad Lt
From 2022 to 2022.2
Autocad Lt
Version 2020
Autocad Lt
Version 2021
Configuration O
5 vulnerable
Vulnerable SoftwareAffected Versions
Autodesk
Design Review
Version 2018
Design Review
Version 2018 hotfix2
Design Review
Version 2018 hotfix3
Design Review
Version 2018 hotfix4
Design Review
Version 2018 hotfix

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

Source: psirt@autodesk.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.