CVE-2022-41302

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 80.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Autodesk FBX Software Development KIT

Timeline

PublishedOct 14

Description

An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDautodesk/fbx_software_development_kit2020.0

▶CVEListV5fbx_sdk2020.3.1

Patches

Patch: www.autodesk.com ↗Patch: www.autodesk.com ↗

🔴Vulnerability Details

GHSA

GHSA-268r-qqf3-5wj6: An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020↗2022-10-14

▶

CVEList

CVE-2022-41302: An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020↗2022-10-14

▶