CVE-2022-33887Improper Handling of Exceptional Conditions in Autocad

CWE-755Improper Handling of Exceptional Conditions3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 69.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Autodesk AutocadAutodesk Autocad Advance SteelAutodesk Autocad Architecture+7 more
Timeline
PublishedOct 3
Latest updateOct 4

Description

A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages10 packages

NVDautodesk/autocad20222022.1.3+1
NVDautodesk/autocad_lt20222022.1.3+1
NVDautodesk/autocad_mep20222022.1.3+1
NVDautodesk/autocad_map_3d20222022.1.3+1
NVDautodesk/autocad_civil_3d20222022.1.3+1

🔴Vulnerability Details

2
GHSA
GHSA-m974-9c77-6xhp: A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception2022-10-04
CVEList
CVE-2022-33887: A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception2022-10-03
CVE-2022-33887 — Autodesk Autocad vulnerability | cvebase