First published: Wed Sep 15 2021(Updated: )
A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code.
Credit: psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Navisworks | =2019 | |
Autodesk Navisworks | =2020 | |
Autodesk Navisworks | =2021 | |
Autodesk Navisworks | =2022 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-27045 is a vulnerability in Autodesk Navisworks 2019, 2020, 2021, and 2022 that allows a maliciously crafted PDF file to read beyond allocated boundaries and potentially execute arbitrary code.
This vulnerability can be exploited by using a maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, or 2022.
The severity of CVE-2021-27045 is high, with a CVSS score of 7.8.
Autodesk Navisworks 2019, 2020, 2021, and 2022 are affected by this vulnerability.
Yes, Autodesk has released a security advisory with information on how to mitigate this vulnerability.