CVE-2022-42945Uncontrolled Search Path Element in DWG Trueview

CWE-427Uncontrolled Search Path Element3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 66.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Autodesk DWG Trueview
Timeline
PublishedDec 19

Description

DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5autodesk/dwg_trueview2023

🔴Vulnerability Details

2
GHSA
GHSA-fx95-q83h-x9m8: DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability2022-12-19
CVEList
CVE-2022-42945: DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability2022-12-19
CVE-2022-42945 — Uncontrolled Search Path Element | cvebase