First published: Tue Apr 09 2019(Updated: )
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
Credit: psirt@autodesk.com psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Advance Steel | =2018 | |
Autodesk Autocad | =2018 | |
Autodesk AutoCAD Architecture | =2018 | |
Autodesk AutoCAD Electrical | =2018 | |
Autodesk Autocad Lt | =2018 | |
Autodesk AutoCAD Map 3D | =2018 | |
Autodesk AutoCAD Mechanical | =2018 | |
Autodesk AutoCAD MEP | =2018 | |
Autodesk Autocad P\&id | =2018 | |
Autodesk AutoCAD Plant 3D | =2018 | |
Autodesk Civil 3D | =2018 | |
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 | ||
=2018 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-7361 is a vulnerability that allows an attacker to execute code in Autodesk software.
Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, and other related software are affected.
CVE-2019-7361 severity level is high with a score of 7.8.
An attacker can exploit CVE-2019-7361 by convincing a victim to open a malicious action micro (.actm) file that has serialized data.
To fix CVE-2019-7361, users should update their Autodesk software to the latest version.