CVE-2021-27045
First published: Wed Sep 15 2021(Updated: )
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk Navisworks | =2019 | |
| Autodesk Navisworks | =2020 | |
| Autodesk Navisworks | =2021 | |
| Autodesk Navisworks | =2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-27045?
CVE-2021-27045 is a vulnerability in Autodesk Navisworks 2019, 2020, 2021, and 2022 that allows a maliciously crafted PDF file to read beyond allocated boundaries and potentially execute arbitrary code.
How can this vulnerability be exploited?
This vulnerability can be exploited by using a maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, or 2022.
What is the severity of CVE-2021-27045?
The severity of CVE-2021-27045 is high, with a CVSS score of 7.8.
Which versions of Autodesk Navisworks are affected?
Autodesk Navisworks 2019, 2020, 2021, and 2022 are affected by this vulnerability.
Is there a fix available for CVE-2021-27045?
Yes, Autodesk has released a security advisory with information on how to mitigate this vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/autodesk
- canonical/autodesk navisworks
- version/autodesk navisworks/2019
- version/autodesk navisworks/2020
- version/autodesk navisworks/2021
- version/autodesk navisworks/2022