CVE-2021-40164

Severity

7.8HIGH

EPSS

0.1%

top 68.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 7

Description

A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶NVDautodesk/revit2019 — 2019.2.4+3

▶NVDautodesk/fusion2.0.10356 — 2.0.11405

▶NVDautodesk/autocad2019 — 2019.1.4+3

▶NVDautodesk/inventor2019 — 2019.6+3

▶NVDautodesk/autocad_lt2019 — 2019.1.4+6

GHSA

GHSA-h7fr-8788-39j9: A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files↗2022-10-07

▶

CVEList

CVE-2021-40164: A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files↗2022-10-07

▶

Autodesk Autocad≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad Advance Steel≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad Architecture≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad Civil 3D≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad Electrical≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad LT≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2020, < 2020.3.2+4 more

Autodesk Autocad MAP 3D≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad Mechanical≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad MEP≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

Autodesk Autocad Plant 3D≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5≥ 2021, < 2021.1.2+1 more

PublishedOct 7, 2022