Autodesk Autocad Civil 3d vulnerabilities

• CVE-2023-27912 ● 1 month ago

  A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

  autodesk:autocad_civil_3d autodesk:autocad_electrical autodesk:autocad_map_3d autodesk:autocad_architecture autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_mep autodesk:autocad_mechanical

• CVE-2023-27913 ● 1 month ago

  A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to cause an Integer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data, or execute arbitrary code in the context of the current process.

  autodesk:autocad_civil_3d autodesk:autocad_electrical autodesk:autocad_map_3d autodesk:autocad_architecture autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_mep autodesk:autocad_mechanical

• CVE-2023-27915 ● 1 month ago

  A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_civil_3d autodesk:autocad_electrical autodesk:autocad_map_3d autodesk:autocad_architecture autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_mep autodesk:autocad_mechanical

• CVE-2023-27914 ● 1 month ago

  A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

  autodesk:autocad_civil_3d autodesk:autocad_electrical autodesk:autocad_map_3d autodesk:autocad_architecture autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_mep autodesk:autocad_mechanical

• CVE-2023-29067 ● 1 month ago

  A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_electrical autodesk:autocad_architecture autodesk:autocad autodesk:autocad_advance_steel autodesk:autocad_mechanical autodesk:autocad_civil_3d autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_lt autodesk:autocad_mep

• ZDI-23-100 ● 4 months ago

  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Maya. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

  autodesk:maya autodesk:autocad_map_3d autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad_electrical autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad autodesk:autocad_civil_3d autodesk:autocad_lt

Get alerts for Autodesk Autocad Civil 3d

• CVE-2022-42934 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

• CVE-2022-41309 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad_lt autodesk:autocad_civil_3d autodesk:autocad autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

• CVE-2022-41310 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

• CVE-2022-42933 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

• CVE-2022-42935 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

• CVE-2022-42943 ● 7 months ago

  A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

Get alerts for Autodesk Autocad Civil 3d

• CVE-2022-42944 ● 7 months ago

  A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:design_review

• CVE-2022-42939 ● 7 months ago

  A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

• CVE-2022-42936 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

• CVE-2022-42937 ● 7 months ago

  A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

• CVE-2022-42941 ● 7 months ago

  A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

• CVE-2022-42938 ● 7 months ago

  A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

Get alerts for Autodesk Autocad Civil 3d

• CVE-2022-42940 ● 7 months ago

  A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

• CVE-2022-42942 ● 7 months ago

  A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_lt autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad_plant_3d autodesk:design_review autodesk:autocad_electrical autodesk:autocad_mep autodesk:autocad

• CVE-2021-40163 ● 7 months ago

  A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.

  autodesk:storm_and_sanitary_analysis autodesk:autocad_mechanical autodesk:autocad_plant_3d autodesk:revit autodesk:autocad_architecture autodesk:autocad_mep autodesk:infraworks autodesk:autocad_civil_3d autodesk:dwg_trueview autodesk:navisworks autodesk:design_review autodesk:inventor autodesk:autocad_map_3d autodesk:autocad_lt autodesk:autocad_electrical autodesk:autocad_advance_steel autodesk:infrastructure_parts_editor autodesk:fusion autodesk:autocad

• CVE-2021-40166 ● 7 months ago

  A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.

  autodesk:storm_and_sanitary_analysis autodesk:autocad_mechanical autodesk:autocad_plant_3d autodesk:revit autodesk:autocad_architecture autodesk:autocad_mep autodesk:infraworks autodesk:autocad_civil_3d autodesk:dwg_trueview autodesk:navisworks autodesk:design_review autodesk:inventor autodesk:autocad_map_3d autodesk:autocad_lt autodesk:autocad_electrical autodesk:autocad_advance_steel autodesk:infrastructure_parts_editor autodesk:fusion autodesk:autocad

• CVE-2021-40165 ● 7 months ago

  A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

  autodesk:storm_and_sanitary_analysis autodesk:autocad_mechanical autodesk:autocad_plant_3d autodesk:revit autodesk:autocad_architecture autodesk:autocad_mep autodesk:infraworks autodesk:autocad_civil_3d autodesk:dwg_trueview autodesk:navisworks autodesk:design_review autodesk:inventor autodesk:autocad_map_3d autodesk:autocad_lt autodesk:autocad_electrical autodesk:autocad_advance_steel autodesk:infrastructure_parts_editor autodesk:fusion autodesk:autocad

• CVE-2021-40164 ● 7 months ago

  A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

  autodesk:storm_and_sanitary_analysis autodesk:autocad_mechanical autodesk:autocad_plant_3d autodesk:revit autodesk:autocad_architecture autodesk:autocad_mep autodesk:infraworks autodesk:autocad_civil_3d autodesk:dwg_trueview autodesk:navisworks autodesk:design_review autodesk:inventor autodesk:autocad_map_3d autodesk:autocad_lt autodesk:autocad_electrical autodesk:autocad_advance_steel autodesk:infrastructure_parts_editor autodesk:fusion autodesk:autocad

Get alerts for Autodesk Autocad Civil 3d

• CVE-2021-40162 ● 7 months ago

  A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

  autodesk:storm_and_sanitary_analysis autodesk:autocad_mechanical autodesk:autocad_plant_3d autodesk:revit autodesk:autocad_architecture autodesk:autocad_mep autodesk:infraworks autodesk:autocad_civil_3d autodesk:dwg_trueview autodesk:navisworks autodesk:design_review autodesk:inventor autodesk:autocad_map_3d autodesk:autocad_lt autodesk:autocad_electrical autodesk:autocad_advance_steel autodesk:infrastructure_parts_editor autodesk:fusion autodesk:autocad

• CVE-2022-33884 ● 8 months ago

  Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_plant_3d autodesk:autocad_architecture autodesk:autocad autodesk:autocad_mep autodesk:autocad_lt autodesk:autocad_civil_3d autodesk:autocad_advance_steel autodesk:autocad_mechanical autodesk:autocad_map_3d autodesk:autocad_electrical

• CVE-2022-33890 ● 8 months ago

  A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_electrical autodesk:design_review autodesk:autocad_advance_steel autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_map_3d autodesk:autocad_plant_3d autodesk:autocad_mep autodesk:autocad autodesk:autocad_architecture autodesk:autocad_mechanical

• CVE-2022-33889 ● 8 months ago

  A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.

  autodesk:autocad_map_3d autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad_electrical autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:design_review autodesk:autocad_architecture autodesk:autocad autodesk:autocad_civil_3d autodesk:autocad_lt

• CVE-2022-33888 ● 8 months ago

  A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad_electrical autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad autodesk:autocad_civil_3d autodesk:autocad_lt

• CVE-2022-33885 ● 8 months ago

  A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.

  autodesk:autocad_map_3d autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad_electrical autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad autodesk:autocad_civil_3d autodesk:autocad_lt

Get alerts for Autodesk Autocad Civil 3d

• CVE-2022-33886 ● 8 months ago

  A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code.

  autodesk:autocad_map_3d autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad_electrical autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad autodesk:autocad_civil_3d autodesk:autocad_lt

• CVE-2022-33887 ● 8 months ago

  A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

  autodesk:autocad_map_3d autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad_electrical autodesk:autocad_mechanical autodesk:autocad_advance_steel autodesk:autocad_architecture autodesk:autocad autodesk:autocad_civil_3d autodesk:autocad_lt

• CVE-2022-33881 ● 10 months ago

  Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

  autodesk:autocad_advance_steel autodesk:autocad_mechanical autodesk:autocad_architecture autodesk:autocad_mep autodesk:autocad_plant_3d autodesk:autocad autodesk:autocad_electrical autodesk:autocad_civil_3d autodesk:autocad_lt autodesk:autocad_map_3d

• CVE-2022-27871 ● 11 months ago

  Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code.

  autodesk:navisworks autodesk:autocad_civil_3d autodesk:3ds_max autodesk:autocad_plant_3d autodesk:autocad_lt autodesk:autocad_map_3d autodesk:autocad_mep autodesk:advance_steel autodesk:design_review autodesk:autocad autodesk:autocad_mechanical autodesk:autocad_electrical autodesk:autocad_architecture autodesk:revit

• ZDI-22-473 ● 1 year ago

  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

  autodesk:autocad autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical

• ZDI-22-478 ● 1 year ago

  This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

  autodesk:autocad autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical

Get alerts for Autodesk Autocad Civil 3d

• ZDI-22-378 ● 1 year ago

  This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

  iconics:genesis64 autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical

• CVE-2021-27042 ● 1 year ago

  A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. The vulnerability exists because the application fails to handle a crafted DWG file, which causes an unhandled exception. An attacker can leverage this vulnerability to execute arbitrary code.

  autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical

• CVE-2021-27040 ● 1 year ago

  A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code.

  autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical

• CVE-2021-27041 ● 1 year ago

  A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG files. This vulnerability can be exploited to execute arbitrary code.

  autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical

• CVE-2021-27043 ● 1 year ago

  An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to leverage the application to write in unexpected paths. In order to exploit this the attacker would need the victim to enable full page heap in the application.

  autodesk:autocad autodesk:autocad_plant_3d autodesk:autocad_map_3d autodesk:autocad_civil_3d autodesk:autocad_mechanical autodesk:autocad_mep autodesk:autocad_architecture autodesk:advance_steel autodesk:autocad_lt autodesk:autocad_electrical