CVE-2021-40166 - Vulnerability Details

A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Autodesk	Autocad Autocad Advance Steel Autocad Architecture Autocad Civil 3d Autocad Electrical Autocad Lt Autocad Map 3d Autocad Mechanical Autocad Mep Autocad Plant 3d Design Review Dwg Trueview Fusion Infrastructure Parts Editor Infraworks Inventor Navisworks Revit Storm And Sanitary Analysis

Configuration 1 [-]

OR	cpe:2.3:a:autodesk:autocad::::::::
	cpe:2.3:a:autodesk:autocad::::::::
	cpe:2.3:a:autodesk:autocad::::::::
	cpe:2.3:a:autodesk:autocad::::::::
	cpe:2.3:a:autodesk:autocad_advance_steel::::::::
	cpe:2.3:a:autodesk:autocad_advance_steel::::::::
	cpe:2.3:a:autodesk:autocad_advance_steel::::::::
	cpe:2.3:a:autodesk:autocad_advance_steel::::::::
	cpe:2.3:a:autodesk:autocad_architecture::::::::
	cpe:2.3:a:autodesk:autocad_architecture::::::::
	cpe:2.3:a:autodesk:autocad_architecture::::::::
	cpe:2.3:a:autodesk:autocad_architecture::::::::
	cpe:2.3:a:autodesk:autocad_civil_3d::::::::
	cpe:2.3:a:autodesk:autocad_civil_3d::::::::
	cpe:2.3:a:autodesk:autocad_civil_3d::::::::
	cpe:2.3:a:autodesk:autocad_civil_3d::::::::
	cpe:2.3:a:autodesk:autocad_electrical::::::::
	cpe:2.3:a:autodesk:autocad_electrical::::::::
	cpe:2.3:a:autodesk:autocad_electrical::::::::
	cpe:2.3:a:autodesk:autocad_electrical::::::::
	cpe:2.3:a:autodesk:autocad_lt::::::::
	cpe:2.3:a:autodesk:autocad_lt::::::::
	cpe:2.3:a:autodesk:autocad_lt::::::macos::*
	cpe:2.3:a:autodesk:autocad_lt::::::::
	cpe:2.3:a:autodesk:autocad_lt::::::macos::*
	cpe:2.3:a:autodesk:autocad_lt::::::::
	cpe:2.3:a:autodesk:autocad_lt::::::macos::*
	cpe:2.3:a:autodesk:autocad_map_3d::::::::
	cpe:2.3:a:autodesk:autocad_map_3d::::::::
	cpe:2.3:a:autodesk:autocad_map_3d::::::::
	cpe:2.3:a:autodesk:autocad_map_3d::::::::
	cpe:2.3:a:autodesk:autocad_mechanical::::::::
	cpe:2.3:a:autodesk:autocad_mechanical::::::::
	cpe:2.3:a:autodesk:autocad_mechanical::::::::
	cpe:2.3:a:autodesk:autocad_mechanical::::::::
	cpe:2.3:a:autodesk:autocad_mep::::::::
	cpe:2.3:a:autodesk:autocad_mep::::::::
	cpe:2.3:a:autodesk:autocad_mep::::::::
	cpe:2.3:a:autodesk:autocad_mep::::::::
	cpe:2.3:a:autodesk:autocad_plant_3d::::::::
	cpe:2.3:a:autodesk:autocad_plant_3d::::::::
	cpe:2.3:a:autodesk:autocad_plant_3d::::::::
	cpe:2.3:a:autodesk:autocad_plant_3d::::::::
	cpe:2.3:a:autodesk:design_review:2018:-::::::
	cpe:2.3:a:autodesk:design_review:2018:hotfix::::::
	cpe:2.3:a:autodesk:design_review:2018:hotfix2::::::
	cpe:2.3:a:autodesk:design_review:2018:hotfix3::::::
	cpe:2.3:a:autodesk:dwg_trueview::::::::
	cpe:2.3:a:autodesk:dwg_trueview::::::::
	cpe:2.3:a:autodesk:dwg_trueview::::::::
	cpe:2.3:a:autodesk:dwg_trueview::::::::
	cpe:2.3:a:autodesk:fusion::::::::
	cpe:2.3:a:autodesk:infrastructure_parts_editor::::::::
	cpe:2.3:a:autodesk:infrastructure_parts_editor::::::::
	cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:::::::*
	cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:::::::*
	cpe:2.3:a:autodesk:infraworks::::::::
	cpe:2.3:a:autodesk:infraworks::::::::
	cpe:2.3:a:autodesk:infraworks::::::::
	cpe:2.3:a:autodesk:infraworks:2019.3:-::::::
	cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1::::::
	cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2::::::
	cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3::::::
	cpe:2.3:a:autodesk:infraworks:2020.2:-::::::
cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1::::::
cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2::::::
cpe:2.3:a:autodesk:infraworks:2021.2:-::::::
cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1::::::
cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2::::::
cpe:2.3:a:autodesk:infraworks:2022.0:-::::::
cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1::::::
cpe:2.3:a:autodesk:infraworks:2022.1:::::::*
cpe:2.3:a:autodesk:inventor::::::::
cpe:2.3:a:autodesk:inventor::::::::
cpe:2.3:a:autodesk:inventor::::::::
cpe:2.3:a:autodesk:inventor::::::::
cpe:2.3:a:autodesk:navisworks::::::::
cpe:2.3:a:autodesk:navisworks::::::::
cpe:2.3:a:autodesk:navisworks::::::::
cpe:2.3:a:autodesk:navisworks::::::::
cpe:2.3:a:autodesk:revit::::::::
cpe:2.3:a:autodesk:revit::::::::
cpe:2.3:a:autodesk:revit::::::::
cpe:2.3:a:autodesk:revit:2022:::::::*
cpe:2.3:a:autodesk:storm_and_sanitary_analysis::::::::
cpe:2.3:a:autodesk:storm_and_sanitary_analysis::::::::
cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:::::::*
cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:::::::*

No data.

References

Link	Providers
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

History

No history.

MITRE

Status: PUBLISHED

Assigner: autodesk

Published: 2022-10-07T00:00:00

Updated: 2024-08-04T02:27:31.562Z

Reserved: 2021-08-27T00:00:00

Link: CVE-2021-40166

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-10-07T18:15:14.743

Modified: 2024-11-21T06:23:42.607

Link: CVE-2021-40166

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-40166", "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "assignerShortName": "autodesk", "dateUpdated": "2024-08-04T02:27:31.562Z", "dateReserved": "2021-08-27T00:00:00", "datePublished": "2022-10-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."}], "affected": [{"vendor": "n/a", "product": "Revit, Inventor, Infraworks, Navisworks, Fusion, Infrastructure Parts Editors, Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D", "versions": [{"version": "2022, 2021, 2020, 2019", "status": "affected"}]}], "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Use-After-Free"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:27:31.562Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*", "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709", "versionEndExcluding": "2020.3.2", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*", "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E", "versionEndExcluding": "2021.2.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*", "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA", "versionEndExcluding": "2022.2.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299", "versionEndExcluding": "2022.1.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*", "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*", "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*", "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29", "versionEndExcluding": "2019.1.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398", "versionEndExcluding": "2020.1.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*", "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B", "versionEndExcluding": "2021.1.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*", "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA", "versionEndExcluding": "2022.1.1", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A", "versionEndExcluding": "2.0.11405", "versionStartIncluding": "2.0.10356", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B", "versionEndExcluding": "2019.2.2", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*", "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34", "versionEndExcluding": "2020.0.2", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*", "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*", "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F", "versionEndExcluding": "2019.3", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797", "versionEndExcluding": "2020.2", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425", "versionEndExcluding": "2021.2", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*", "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*", "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*", "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*", "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*", "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*", "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*", "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*", "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*", "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*", "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*", "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*", "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*", "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F", "versionEndExcluding": "2019.6", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*", "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83", "versionEndExcluding": "2020.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*", "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142", "versionEndExcluding": "2021.4", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*", "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0", "versionEndExcluding": "2022.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51", "versionEndExcluding": "2019.7", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7", "versionEndExcluding": "2020.5", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5", "versionEndExcluding": "2021.4", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC", "versionEndExcluding": "2022.2", "versionStartIncluding": "2022", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523", "versionEndExcluding": "2019.2.4", "versionStartIncluding": "2019", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*", "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7", "versionEndExcluding": "2020.2.6", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*", "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE", "versionEndExcluding": "2021.1.5", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*", "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A", "versionEndExcluding": "2020.3.1", "versionStartIncluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A", "versionEndExcluding": "2021.3.1", "versionStartIncluding": "2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*", "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*", "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code."}, {"lang": "es", "value": "Un archivo PNG dise\u00f1ado de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk puede usarse para intentar liberar un objeto que ya ha sido liberado mientras es analizado. Esta vulnerabilidad puede ser explotada por atacantes para ejecutar c\u00f3digo arbitrario"}], "id": "CVE-2021-40166", "lastModified": "2024-11-21T06:23:42.607", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-07T18:15:14.743", "references": [{"source": "psirt@autodesk.com", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object