CVE-2021-27042 - Vulnerability Details

Vendors	Products
Autodesk	Advance Steel Autocad Autocad Architecture Autocad Electrical Autocad Lt Autocad Map 3d Autocad Mechanical Autocad Mep Autocad Plant 3d Civil 3d

Link	Providers
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D", "vendor": "n/a", "versions": [{"status": "affected", "version": "2022.1.1"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code."}], "problemTypes": [{"descriptions": [{"description": "Memory Corruption Vulnerability ", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-13T17:06:06", "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@autodesk.com", "ID": "CVE-2021-27042", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D", "version": {"version_data": [{"version_value": "2022.1.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Memory Corruption Vulnerability "}]}]}, "references": {"reference_data": [{"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007", "refsource": "MISC", "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:40:47.367Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007"}]}]}, "cveMetadata": {"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "assignerShortName": "autodesk", "cveId": "CVE-2021-27042", "datePublished": "2021-06-25T12:41:19", "dateReserved": "2021-02-09T00:00:00", "dateUpdated": "2024-08-03T20:40:47.367Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : 2022.1.1 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Memory Corruption Vulnerability (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-04-13T17:06:06 (string)

orgId : 7e40ea87-bc65-4944-9723-dd79dd760601 (string)

shortName : autodesk (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@autodesk.com (string)

ID : CVE-2021-27042 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D (string)

version : { »

version_data : [ »

0 : { »

version_value : 2022.1.1 (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Memory Corruption Vulnerability (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 (string)

refsource : MISC (string)

url : https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T20:40:47.367Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 7e40ea87-bc65-4944-9723-dd79dd760601 (string)

assignerShortName : autodesk (string)

cveId : CVE-2021-27042 (string)

datePublished : 2021-06-25T12:41:19 (string)

dateReserved : 2021-02-09T00:00:00 (string)

dateUpdated : 2024-08-03T20:40:47.367Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDC0E547-C366-4A0E-95DE-EC420492E698", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8319413-E093-4931-B2DB-A46522DF93C9", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B350B87-23EC-44F8-9A5F-9AC815E15BD9", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAE14E69-8BCB-4E00-8BAB-CB7F1688DC27", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "A084A960-35D8-4B9C-87DE-0213CA40CAD8", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "20EE0BDC-3A97-4CD4-A232-922F8D613856", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "5FDD2042-5313-4658-AA4E-109684E91C43", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE031BD1-9F02-44C2-865E-2011511B36F5", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A51CDDA-0D83-4331-9AB6-F6ED076157F6", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "143F8B16-E253-477E-9875-94928BE5596B", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "607A4804-A286-4237-82C3-8BE98662AE20", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "967B286E-5E73-47E3-BC2F-951E26720370", "versionEndIncluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "64C50E3E-8EFA-4B0D-B284-CF8FE4129866", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBD4F808-CA46-4A8E-82DD-6D1A82DDF91C", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFD09E68-2C34-4E76-9B67-868FA6E825A6", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BC587D-E4C7-4758-8AF5-1970892C35C8", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "282A07AC-8D43-4580-8D2E-8E30370049F3", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "E37E4967-AC88-42D6-98C2-1BA63F20BD5C", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "49512EB3-DE17-45FF-AB90-2966462A9C3C", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "01A870BA-E78E-4975-BF6D-7D410BE8CD6C", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "6EF85630-3DDC-4026-AC5A-F1B197F98C9E", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5309100-B3E9-4144-AEA3-B9030E93FD78", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "954682D1-2E7A-4EAB-B4B8-43E2038EB7C7", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "1016D7F3-2780-4412-A7AA-361B44A8632E", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3D0B0D7-FC6F-43D8-85AA-AC0BD464E5A1", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6DF983-6772-45D4-A82A-EE1BB2EEFD4F", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7ABD866-E08B-42F3-A19A-5574563AA540", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "6716F29E-FBA2-4178-A8AE-269D9CC5AC59", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "372905FF-2C9B-4366-BE56-36CACDA63BCD", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2F1DCEB-7ABB-4109-943A-E2DEFB17D330", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA49E2B8-CBF5-4F6E-A832-D1FDB597FADE", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CF7601F-D6A3-4CD6-961D-B8B1B82E29CE", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F285B8D-585C-4C23-98FA-E09DE53C8247", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "A10D9CEE-D92D-470D-928F-8F90243618EE", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "0199953B-BCAC-405E-BDC6-951BEAE01570", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBDFDF50-5230-41F1-B380-AD3EC4B53DB7", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6A3326B-382B-4137-B0E7-0D54E825B717", "versionEndExcluding": "2019.1.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "48F67A57-7528-406B-9BF1-6A963F732564", "versionEndExcluding": "2020.1.4", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "825FC323-CAE7-4B39-85AD-966980D30D89", "versionEndExcluding": "2021.1.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "F430EA73-2B9F-42D9-9005-42F439ABF63C", "versionEndExcluding": "2022.0.1", "versionStartIncluding": "2022", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code."}, {"lang": "es", "value": "Un archivo DWG dise\u00f1ado maliciosamente puede ser usado para escribir m\u00e1s all\u00e1 del b\u00fafer asignado mientras se analizan los archivos DWG. La vulnerabilidad se presenta porque la aplicaci\u00f3n comete un fallo para manejar un archivo DWG dise\u00f1ado, lo que causa una excepci\u00f3n no manejada. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario"}], "id": "CVE-2021-27042", "lastModified": "2024-11-21T05:57:14.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-25T13:15:08.247", "references": [{"source": "psirt@autodesk.com", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DDC0E547-C366-4A0E-95DE-EC420492E698 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B8319413-E093-4931-B2DB-A46522DF93C9 (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B350B87-23EC-44F8-9A5F-9AC815E15BD9 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CAE14E69-8BCB-4E00-8BAB-CB7F1688DC27 (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A084A960-35D8-4B9C-87DE-0213CA40CAD8 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 20EE0BDC-3A97-4CD4-A232-922F8D613856 (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5FDD2042-5313-4658-AA4E-109684E91C43 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FE031BD1-9F02-44C2-865E-2011511B36F5 (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0A51CDDA-0D83-4331-9AB6-F6ED076157F6 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 143F8B16-E253-477E-9875-94928BE5596B (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 607A4804-A286-4237-82C3-8BE98662AE20 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 967B286E-5E73-47E3-BC2F-951E26720370 (string)

versionEndIncluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 64C50E3E-8EFA-4B0D-B284-CF8FE4129866 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CBD4F808-CA46-4A8E-82DD-6D1A82DDF91C (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DFD09E68-2C34-4E76-9B67-868FA6E825A6 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 08BC587D-E4C7-4758-8AF5-1970892C35C8 (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 282A07AC-8D43-4580-8D2E-8E30370049F3 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E37E4967-AC88-42D6-98C2-1BA63F20BD5C (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 49512EB3-DE17-45FF-AB90-2966462A9C3C (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 01A870BA-E78E-4975-BF6D-7D410BE8CD6C (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6EF85630-3DDC-4026-AC5A-F1B197F98C9E (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F5309100-B3E9-4144-AEA3-B9030E93FD78 (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 954682D1-2E7A-4EAB-B4B8-43E2038EB7C7 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1016D7F3-2780-4412-A7AA-361B44A8632E (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A3D0B0D7-FC6F-43D8-85AA-AC0BD464E5A1 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AF6DF983-6772-45D4-A82A-EE1BB2EEFD4F (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F7ABD866-E08B-42F3-A19A-5574563AA540 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6716F29E-FBA2-4178-A8AE-269D9CC5AC59 (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 372905FF-2C9B-4366-BE56-36CACDA63BCD (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D2F1DCEB-7ABB-4109-943A-E2DEFB17D330 (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EA49E2B8-CBF5-4F6E-A832-D1FDB597FADE (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8CF7601F-D6A3-4CD6-961D-B8B1B82E29CE (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5F285B8D-585C-4C23-98FA-E09DE53C8247 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A10D9CEE-D92D-470D-928F-8F90243618EE (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0199953B-BCAC-405E-BDC6-951BEAE01570 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FBDFDF50-5230-41F1-B380-AD3EC4B53DB7 (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F6A3326B-382B-4137-B0E7-0D54E825B717 (string)

versionEndExcluding : 2019.1.3 (string)

versionStartIncluding : 2019 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 48F67A57-7528-406B-9BF1-6A963F732564 (string)

versionEndExcluding : 2020.1.4 (string)

versionStartIncluding : 2020 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 825FC323-CAE7-4B39-85AD-966980D30D89 (string)

versionEndExcluding : 2021.1.1 (string)

versionStartIncluding : 2021 (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F430EA73-2B9F-42D9-9005-42F439ABF63C (string)

versionEndExcluding : 2022.0.1 (string)

versionStartIncluding : 2022 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code. (string)

}

1 : { »

lang : es (string)

value : Un archivo DWG diseñado maliciosamente puede ser usado para escribir más allá del búfer asignado mientras se analizan los archivos DWG. La vulnerabilidad se presenta porque la aplicación comete un fallo para manejar un archivo DWG diseñado, lo que causa una excepción no manejada. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código arbitrario (string)

}

]

id : CVE-2021-27042 (string)

lastModified : 2024-11-21T05:57:14.187 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-06-25T13:15:08.247 (string)

references : [ »

0 : { »

source : psirt@autodesk.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007 (string)

}

]

sourceIdentifier : psirt@autodesk.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-755 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object