CVE-2022-42942

Published: Oct 21, 2022Modified: May 8, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Affected (53)

Products: Autodesk: Autocad, Autocad Advance Steel, Autocad Architecture, Autocad Civil 3d, Autocad Electrical, Autocad Lt, Autocad Map 3d, Autocad Mechanical, Autocad Mep, Autocad Plant 3d, Design Review

Autodesk

11 products

Autocad

Autocad Advance Steel

Configuration A

53 vulnerable

Vulnerable Software	Affected Versions
Autodesk Autocad	Version 2019
Autodesk Autocad	Version 2020
Autodesk Autocad	Version 2021
Autodesk Autocad	Version 2022
Autodesk Autocad	Version 2022
Autodesk Autocad	Version 2023
Autodesk Autocad Advance Steel	Version 2019
Autodesk Autocad Advance Steel	Version 2020
Autodesk Autocad Advance Steel	Version 2021
Autodesk Autocad Advance Steel	Version 2022
Autodesk Autocad Advance Steel	Version 2023
Autodesk Autocad Architecture	Version 2019
Autodesk Autocad Architecture	Version 2020
Autodesk Autocad Architecture	Version 2021
Autodesk Autocad Architecture	Version 2022
Autodesk Autocad Architecture	Version 2023
Autodesk Autocad Civil 3d	Version 2019
Autodesk Autocad Civil 3d	Version 2020
Autodesk Autocad Civil 3d	Version 2021
Autodesk Autocad Civil 3d	Version 2022
Autodesk Autocad Civil 3d	Version 2023
Autodesk Autocad Electrical	Version 2019
Autodesk Autocad Electrical	Version 2020
Autodesk Autocad Electrical	Version 2021
Autodesk Autocad Electrical	Version 2022
Autodesk Autocad Electrical	Version 2023
Autodesk Autocad Lt	Version 2019
Autodesk Autocad Lt	Version 2020
Autodesk Autocad Lt	Version 2021
Autodesk Autocad Lt	Version 2022
Autodesk Autocad Lt	Version 2022
Autodesk Autocad Lt	Version 2023
Autodesk Autocad Map 3d	Version 2019
Autodesk Autocad Map 3d	Version 2020
Autodesk Autocad Map 3d	Version 2021
Autodesk Autocad Map 3d	Version 2022
Autodesk Autocad Map 3d	Version 2023
Autodesk Autocad Mechanical	Version 2019
Autodesk Autocad Mechanical	Version 2020
Autodesk Autocad Mechanical	Version 2021
Autodesk Autocad Mechanical	Version 2022
Autodesk Autocad Mechanical	Version 2023
Autodesk Autocad Mep	Version 2019
Autodesk Autocad Mep	Version 2020
Autodesk Autocad Mep	Version 2021
Autodesk Autocad Mep	Version 2022
Autodesk Autocad Mep	Version 2023
Autodesk Autocad Plant 3d	Version 2019
Autodesk Autocad Plant 3d	Version 2020
Autodesk Autocad Plant 3d	Version 2021
Autodesk Autocad Plant 3d	Version 2022
Autodesk Autocad Plant 3d	Version 2023
Autodesk Design Review	Version 2018

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004

Source: psirt@autodesk.com

PatchVendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.