Lucene search

[email protected]CVE-2022-33882

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2022-33882

2022-10-0316:15:12

[email protected]

web.nvd.nist.gov

cve-2022-33882

autodesk

ada

vulnerability

file delete

privilege escalation

arbitrary code

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.6%

JSON

Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.

Affected configurations

NVD

Node

autodeskautodesk_desktopRange≤8.4.0.50

CPENameOperatorVersion
autodesk:autodesk_desktopautodesk autodesk desktople8.4.0.50

CPE	Name	Operator	Version
autodesk:autodesk_desktop	autodesk autodesk desktop	le	8.4.0.50

CNA Affected

[
  {
    "product": "Autodesk desktop app",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "8.4.0.50 and prior versions"
      }
    ]
  }
]

References

www.autodesk.com/trust/security-advisories/adsk-sa-2022-0015

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.6%

JSON

Related for CVE-2022-33882

prion1 nvd1 zdi2 cvelist1