CVE-2022-33883

Published: Oct 3, 2022Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Affected (8)

Products: Autodesk: Advanced Material Exchange, Moldflow Adviser, Moldflow Communicator, Moldflow Synergy

Autodesk

4 products

Advanced Material Exchange

Moldflow Adviser

Moldflow Communicator

Moldflow Synergy

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Autodesk Advanced Material Exchange	Version 2019
Autodesk Advanced Material Exchange	Version 2021
Autodesk Moldflow Adviser	Version 2019
Autodesk Moldflow Adviser	Version 2021
Autodesk Moldflow Communicator	Version 2019
Autodesk Moldflow Communicator	Version 2021
Autodesk Moldflow Synergy	Version 2019
Autodesk Moldflow Synergy	Version 2021

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0019

Source: psirt@autodesk.com

Vendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0019

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.