First published: Wed Sep 15 2021(Updated: )
A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.
Credit: psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Navisworks | =2019 | |
Autodesk Navisworks | =2020 | |
Autodesk Navisworks | =2021 | |
Autodesk Navisworks | =2022 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-40156 is high with a CVSS score of 7.8.
CVE-2021-40156 affects Autodesk Navisworks versions 2019, 2020, 2021, and 2022.
Yes, CVE-2021-40156 can be exploited to execute arbitrary code.
To fix CVE-2021-40156, users should update to the latest version of Autodesk Navisworks.
More information about CVE-2021-40156 can be found on the Autodesk Security Advisories page.