CVE-2022-27524Out-of-bounds Read in DWG Trueview

CWE-125Out-of-bounds Read4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.4%
top 41.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Autodesk DWG Trueview
Timeline
PublishedApr 13
Latest updateApr 14

Description

An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages1 packages

NVDautodesk/dwg_trueview20192019.1.4+3

🔴Vulnerability Details

2
GHSA
GHSA-4g4r-m9qf-wf8m: An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a malicious2022-04-14
CVEList
CVE-2022-27524: An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a malicious2022-04-13
CVE-2022-27524 — Out-of-bounds Read in DWG Trueview | cvebase