CVE-2019-7361
First published: Tue Apr 09 2019(Updated: )
An attacker may convince a victim to open a malicious action micro (.actm) file that has serialized data, which may trigger a code execution in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk Advance Steel | =2018 | |
| Autodesk Autocad | =2018 | |
| Autodesk AutoCAD Architecture | =2018 | |
| Autodesk AutoCAD Electrical | =2018 | |
| Autodesk Autocad Lt | =2018 | |
| Autodesk AutoCAD Map 3D | =2018 | |
| Autodesk AutoCAD Mechanical | =2018 | |
| Autodesk AutoCAD MEP | =2018 | |
| Autodesk Autocad P\&id | =2018 | |
| Autodesk AutoCAD Plant 3D | =2018 | |
| Autodesk Civil 3D | =2018 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-7361?
CVE-2019-7361 is a vulnerability that allows an attacker to execute code in Autodesk software.
Which software is affected by CVE-2019-7361?
Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, and other related software are affected.
What is the severity level of CVE-2019-7361?
CVE-2019-7361 severity level is high with a score of 7.8.
How can an attacker exploit CVE-2019-7361?
An attacker can exploit CVE-2019-7361 by convincing a victim to open a malicious action micro (.actm) file that has serialized data.
Is there a fix for CVE-2019-7361?
To fix CVE-2019-7361, users should update their Autodesk software to the latest version.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/autodesk
- canonical/autodesk advance steel
- version/autodesk advance steel/2018
- canonical/autodesk autocad
- version/autodesk autocad/2018
- canonical/autodesk autocad architecture
- version/autodesk autocad architecture/2018
- canonical/autodesk autocad electrical
- version/autodesk autocad electrical/2018
- canonical/autodesk autocad lt
- version/autodesk autocad lt/2018
- canonical/autodesk autocad map 3d
- version/autodesk autocad map 3d/2018
- canonical/autodesk autocad mechanical
- version/autodesk autocad mechanical/2018
- canonical/autodesk autocad mep
- version/autodesk autocad mep/2018
- canonical/autodesk autocad p\&id
- version/autodesk autocad p\&id/2018
- canonical/autodesk autocad plant 3d
- version/autodesk autocad plant 3d/2018
- canonical/autodesk civil 3d
- version/autodesk civil 3d/2018