CVE-2022-33884 — Out-of-bounds Read in Autocad
Severity
7.5HIGHNVD
EPSS
0.8%
top 26.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 3
Latest updateOct 4
Description
Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6
Affected Packages10 packages
🔴Vulnerability Details
2GHSA▶
GHSA-mq4p-28ww-vqj8: Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries↗2022-10-04
CVEList▶
CVE-2022-33884: Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries↗2022-10-03