CVE-2021-27042

2021-06-2512:41:19

autodesk

www.cve.org

cve-2021-27042

buffer overflow

arbitrary code execution

unhandled exception

dwg file parsing

EPSS

0.001

Percentile

50.0%

JSON

A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code.

CNA Affected

[
  {
    "product": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "2022.1.1"
      }
    ]
  }
]

References

www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007

EPSS

0.001

Percentile

50.0%

JSON

Related for CVELIST:CVE-2021-27042