Autodesk Autocad Electrical vulnerabilities
158 known vulnerabilities affecting autodesk/autocad_electrical.
Total CVEs
158
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH151MEDIUM2LOW1
Vulnerabilities
Page 7 of 8
CVE-2024-8589P3HIGHCVSS 7.8≥ 2025, < 2025.1.1≥ 2024, < 2024.1.7+2 more2024-10-29
CVE-2024-8589 [HIGH] CWE-125 CVE-2024-8589: A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
nvd
CVE-2013-3665P3MEDIUMCVSS 6.8v2011v2012+2 more2013-07-18
CVE-2013-3665 [MEDIUM] CVE-2013-3665: Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueVie
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
nvd
CVE-2019-7364P3HIGHCVSS 7.8v2017v2018+2 more2019-08-23
CVE-2019-7364 [HIGH] CWE-427 CVE-2019-7364: DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civi
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL
nvd
CVE-2019-7359P3HIGHCVSS 7.8v20182019-04-09
CVE-2019-7359 [HIGH] CWE-787 CVE-2019-7359: An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Ste
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Au
nvd
CVE-2021-40160P3HIGHCVSS 7.8≥ 2022, < 2022.1.12021-12-23
CVE-2021-40160 [HIGH] CWE-125 CVE-2021-40160: PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a mali
PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.
nvd
CVE-2021-40161P3HIGHCVSS 7.8fixed in 2019.1.4≥ 2020, < 2020.1.5+2 more2021-12-23
CVE-2021-40161 [HIGH] CWE-787 CVE-2021-40161: A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files t
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version.
nvd
CVE-2022-25790P3HIGHCVSS 7.8≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5+2 more2022-04-11
CVE-2022-25790 [HIGH] CWE-787 CVE-2022-25790: A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 20
A maliciously crafted DWF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated boundaries when parsing the DWF files. Exploitation of this vulnerability may lead to code execution.
nvd
CVE-2022-27529P3HIGHCVSS 7.8≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5+2 more2022-04-18
CVE-2022-27529 [HIGH] CWE-787 CVE-2022-27529: A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be u
A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code.
nvd
CVE-2022-25791P3HIGHCVSS 7.8≥ 2019, < 2019.1.4≥ 2020, < 2020.1.5+2 more2022-04-11
CVE-2022-25791 [HIGH] CWE-787 CVE-2022-25791: A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019
A Memory Corruption vulnerability for DWF and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 may lead to code execution through maliciously crafted DLL files.
nvd
CVE-2024-23136P3HIGHCVSS 7.8≥ 2021, < 2021.1.4≥ 2022, < 2022.1.4+3 more2024-02-22
CVE-2024-23136 [HIGH] CWE-822 CVE-2024-23136: A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be u
A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
nvd
CVE-2022-33890P3HIGHCVSS 7.8fixed in 2022.1.3≥ 2023.0.0, < 2023.1.12022-10-03
CVE-2022-33890 [HIGH] CWE-787 CVE-2022-33890: A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead
A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42940P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42940 [HIGH] CWE-787 CVE-2022-42940: A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42943P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42943 [HIGH] CWE-787 CVE-2022-42943: A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead t
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42942P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42942 [HIGH] CWE-787 CVE-2022-42942: A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead t
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42944P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42944 [HIGH] CWE-787 CVE-2022-42944: A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead t
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42941P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42941 [HIGH] CWE-787 CVE-2022-42941: A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead t
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42939P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42939 [HIGH] CWE-787 CVE-2022-42939: A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2022-42938P3HIGHCVSS 7.8v2019v2020+3 more2022-10-21
CVE-2022-42938 [HIGH] CWE-787 CVE-2022-42938: A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
nvd
CVE-2024-23159P3HIGHCVSS 7.8≥ 2022, < 2022.1.5≥ 2023, < 2023.1.6+2 more2024-06-25
CVE-2024-23159 [HIGH] CWE-457 CVE-2024-23159: A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications,
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
nvd
CVE-2022-33886P3HIGHCVSS 7.8≥ 2022, < 2022.1.3≥ 2023, < 2023.1.12022-10-03
CVE-2022-33886 [HIGH] CWE-755 CVE-2022-33886: A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while p
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023, 2022, 2021, 2020, and Maya 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files, which causes an unhandled exception. A malicious actor could leverage this v
nvd