CVE-2021-27043: An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application.

Affected

41 ranges· showing 25

Vendor	Product	Version range	Fixed in
autodesk	advance_steel	>= 2019 < 2019.1.3	2019.1.3
autodesk	advance_steel	>= 2020 < 2020.1.4	2020.1.4
autodesk	advance_steel	>= 2021 < 2021.1.1	2021.1.1
autodesk	advance_steel	>= 2022 < 2022.0.1	2022.0.1
autodesk	autocad	>= 2019 < 2019.1.3	2019.1.3
autodesk	autocad	>= 2020 < 2020.1.4	2020.1.4
autodesk	autocad	>= 2021 < 2021.1.1	2021.1.1
autodesk	autocad	>= 2022 < 2022.0.1	2022.0.1
autodesk	autocad_architecture	>= 2019 < 2019.1.3	2019.1.3
autodesk	autocad_architecture	>= 2020 < 2020.1.4	2020.1.4
autodesk	autocad_architecture	>= 2021 < 2021.1.1	2021.1.1
autodesk	autocad_architecture	2022 – 2022.0.1	—
autodesk	autocad_electrical	>= 2019 < 2019.1.3	2019.1.3
autodesk	autocad_electrical	>= 2020 < 2020.1.4	2020.1.4
autodesk	autocad_electrical	>= 2021 < 2021.1.1	2021.1.1
autodesk	autocad_electrical	>= 2022 < 2022.0.1	2022.0.1
autodesk	autocad_lt	>= 2019 < 2019.1.3	2019.1.3
autodesk	autocad_lt	>= 2020 < 2020.1.4	2020.1.4
autodesk	autocad_lt	>= 2021 < 2021.1.1	2021.1.1
autodesk	autocad_lt	>= 2022 < 2022.0.1	2022.0.1
autodesk	autocad_map_3d	>= 2019 < 2019.1.3	2019.1.3
autodesk	autocad_map_3d	>= 2020 < 2020.1.4	2020.1.4
autodesk	autocad_map_3d	>= 2021 < 2021.1.1	2021.1.1
autodesk	autocad_map_3d	>= 2022 < 2022.0.1	2022.0.1
autodesk	autocad_mechanical	>= 2019 < 2019.1.3	2019.1.3