CVE-2022-27869Out-of-bounds Read in Autocad

CWE-125Out-of-bounds ReadCWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 41.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Autodesk Autocad
Timeline
PublishedJun 21
Latest updateJun 22

Description

A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-p5r7-g898-v8p3: A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file2022-06-22
CVEList
CVE-2022-27869: A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file2022-06-21
CVE-2022-27869 — Out-of-bounds Read in Autodesk Autocad | cvebase