CVE-2022-27529: A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code.

Affected

42 ranges· showing 25

Vendor	Product	Version range	Fixed in
autodesk	advance_steel	>= 2019 < 2019.1.4	2019.1.4
autodesk	advance_steel	>= 2020 < 2020.1.5	2020.1.5
autodesk	advance_steel	>= 2021 < 2021.1.2	2021.1.2
autodesk	advance_steel	>= 2022 < 2022.1.2	2022.1.2
autodesk	autocad	>= 2019 < 2019.1.4	2019.1.4
autodesk	autocad	>= 2020 < 2020.1.5	2020.1.5
autodesk	autocad	>= 2021 < 2021.1.2	2021.1.2
autodesk	autocad	>= 2022 < 2022.1.2	2022.1.2
autodesk	autocad	>= 2022 < 2022.2.2	2022.2.2
autodesk	autocad_architecture	>= 2019 < 2019.1.4	2019.1.4
autodesk	autocad_architecture	>= 2020 < 2020.1.5	2020.1.5
autodesk	autocad_architecture	>= 2021 < 2021.1.2	2021.1.2
autodesk	autocad_architecture	>= 2022 < 2022.1.2	2022.1.2
autodesk	autocad_electrical	>= 2019 < 2019.1.4	2019.1.4
autodesk	autocad_electrical	>= 2020 < 2020.1.5	2020.1.5
autodesk	autocad_electrical	>= 2021 < 2021.1.2	2021.1.2
autodesk	autocad_electrical	>= 2022 < 2022.1.2	2022.1.2
autodesk	autocad_lt	>= 2019 < 2019.1.4	2019.1.4
autodesk	autocad_lt	>= 2020 < 2020.1.5	2020.1.5
autodesk	autocad_lt	>= 2021 < 2021.1.2	2021.1.2
autodesk	autocad_lt	>= 2022 < 2022.1.2	2022.1.2
autodesk	autocad_lt	>= 2022 < 2022.2.2	2022.2.2
autodesk	autocad_map_3d	>= 2019 < 2019.1.4	2019.1.4
autodesk	autocad_map_3d	>= 2020 < 2020.1.5	2020.1.5
autodesk	autocad_map_3d	>= 2021 < 2021.1.2	2021.1.2