CVE-2022-41306

Published: Oct 14, 2022Modified: May 14, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Affected (1)

Products: Autodesk: Design Review

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Autodesk Design Review	Version 2018

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022

Source: psirt@autodesk.com

PatchVendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.