CVE-2021-40164: Buffer Overflow
First published: Fri Oct 07 2022(Updated: )
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk AutoCAD 2024 | >=2019<2019.1.4 | |
| Autodesk AutoCAD 2024 | >=2020<2020.1.5 | |
| Autodesk AutoCAD 2024 | >=2021<2021.1.2 | |
| Autodesk AutoCAD 2024 | >=2022<2022.1.2 | |
| Autodesk AutoCAD Advance Steel | >=2019<2019.1.4 | |
| Autodesk AutoCAD Advance Steel | >=2020<2020.1.5 | |
| Autodesk AutoCAD Advance Steel | >=2021<2021.1.2 | |
| Autodesk AutoCAD Advance Steel | >=2022<2022.1.2 | |
| AutoCAD | >=2019<2019.1.4 | |
| AutoCAD | >=2020<2020.1.5 | |
| AutoCAD | >=2021<2021.1.2 | |
| AutoCAD | >=2022<2022.1.2 | |
| Autodesk Civil 3D | >=2019<2019.1.4 | |
| Autodesk Civil 3D | >=2020<2020.1.5 | |
| Autodesk Civil 3D | >=2021<2021.1.2 | |
| Autodesk Civil 3D | >=2022<2022.1.2 | |
| AutoCAD | >=2019<2019.1.4 | |
| AutoCAD | >=2020<2020.1.5 | |
| AutoCAD | >=2021<2021.1.2 | |
| AutoCAD | >=2022<2022.1.2 | |
| Autodesk AutoCAD LT 2017 | >=2019<2019.1.4 | |
| Autodesk AutoCAD LT 2017 | >=2020<2020.1.5 | |
| Autodesk AutoCAD LT for macOS | >=2020<2020.3.2 | |
| Autodesk AutoCAD LT 2017 | >=2021<2021.1.2 | |
| Autodesk AutoCAD LT for macOS | >=2021<2021.2.2 | |
| Autodesk AutoCAD LT 2017 | >=2022<2022.1.2 | |
| Autodesk AutoCAD LT for macOS | >=2022<2022.2.2 | |
| AutoCAD | >=2019<2019.1.4 | |
| AutoCAD | >=2020<2020.1.5 | |
| AutoCAD | >=2021<2021.1.2 | |
| AutoCAD | >=2022<2022.1.2 | |
| AutoCAD | >=2019<2019.1.4 | |
| AutoCAD | >=2020<2020.1.5 | |
| AutoCAD | >=2021<2021.1.2 | |
| AutoCAD | >=2022<2022.1.2 | |
| AutoCAD | >=2019<2019.1.4 | |
| AutoCAD | >=2020<2020.1.5 | |
| AutoCAD | >=2021<2021.1.2 | |
| AutoCAD | >=2022<2022.1.2 | |
| AutoCAD | >=2019<2019.1.4 | |
| AutoCAD | >=2020<2020.1.5 | |
| AutoCAD | >=2021<2021.1.2 | |
| AutoCAD | >=2022<2022.1.2 | |
| Autodesk Design Review 2011 | =2018 | |
| Autodesk Design Review 2011 | =2018-hotfix | |
| Autodesk Design Review 2011 | =2018-hotfix2 | |
| Autodesk Design Review 2011 | =2018-hotfix3 | |
| Autodesk DWG TrueView 2022 | >=2019<2019.1.4 | |
| Autodesk DWG TrueView 2022 | >=2020<2020.1.5 | |
| Autodesk DWG TrueView 2022 | >=2021<2021.1.2 | |
| Autodesk DWG TrueView 2022 | >=2022<2022.1.1 | |
| Autodesk Fusion 360 | >=2.0.10356<2.0.11405 | |
| Autodesk Infrastructure Parts Editor | >=2019<2019.2.2 | |
| Autodesk Infrastructure Parts Editor | >=2020<2020.0.2 | |
| Autodesk Infrastructure Parts Editor | =2021 | |
| Autodesk Infrastructure Parts Editor | =2022 | |
| Autodesk InfraWorks | >=2019<2019.3 | |
| Autodesk InfraWorks | >=2020<2020.2 | |
| Autodesk InfraWorks | >=2021<2021.2 | |
| Autodesk InfraWorks | =2019.3 | |
| Autodesk InfraWorks | =2019.3-hotfix_1 | |
| Autodesk InfraWorks | =2019.3-hotfix_2 | |
| Autodesk InfraWorks | =2019.3-hotfix_3 | |
| Autodesk InfraWorks | =2020.2 | |
| Autodesk InfraWorks | =2020.2-hotfix_1 | |
| Autodesk InfraWorks | =2020.2-hotfix_2 | |
| Autodesk InfraWorks | =2021.2 | |
| Autodesk InfraWorks | =2021.2-hotfix_1 | |
| Autodesk InfraWorks | =2021.2-hotfix_2 | |
| Autodesk InfraWorks | =2022.0 | |
| Autodesk InfraWorks | =2022.0-hotfix_1 | |
| Autodesk InfraWorks | =2022.1 | |
| Autodesk Inventor | >=2019<2019.6 | |
| Autodesk Inventor | >=2020<2020.5 | |
| Autodesk Inventor | >=2021<2021.4 | |
| Autodesk Inventor | >=2022<2022.2 | |
| Autodesk Navisworks | >=2019<2019.7 | |
| Autodesk Navisworks | >=2020<2020.5 | |
| Autodesk Navisworks | >=2021<2021.4 | |
| Autodesk Navisworks | >=2022<2022.2 | |
| Autodesk Revit 2025 | >=2019<2019.2.4 | |
| Autodesk Revit 2025 | >=2020<2020.2.6 | |
| Autodesk Revit 2025 | >=2021<2021.1.5 | |
| Autodesk Revit 2025 | =2022 | |
| Autodesk Storm and Sanitary Analysis | >=2020<2020.3.1 | |
| Autodesk Storm and Sanitary Analysis | >=2021<2021.3.1 | |
| Autodesk Storm and Sanitary Analysis | =2019 | |
| Autodesk Storm and Sanitary Analysis | =2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-40164?
CVE-2021-40164 has been classified as a critical severity vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2021-40164?
To fix CVE-2021-40164, users should update their affected Autodesk software to the latest version that addresses this vulnerability.
Which Autodesk products are affected by CVE-2021-40164?
CVE-2021-40164 affects multiple versions of Autodesk software including AutoCAD, AutoCAD LT, and Autodesk Design Review among others.
What type of vulnerability is CVE-2021-40164?
CVE-2021-40164 is a heap-based buffer overflow vulnerability that can occur while parsing image files.
Can CVE-2021-40164 be exploited remotely?
Yes, CVE-2021-40164 can potentially be exploited remotely if the malicious TIFF, PICT, TGA, or RLC files are opened by a user.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/autodesk
- canonical/autodesk autocad 2024
- version/autodesk autocad 2024/2019
- version/autodesk autocad 2024/2020
- version/autodesk autocad 2024/2021
- version/autodesk autocad 2024/2022
- canonical/autodesk autocad advance steel
- version/autodesk autocad advance steel/2019
- version/autodesk autocad advance steel/2020
- version/autodesk autocad advance steel/2021
- version/autodesk autocad advance steel/2022
- canonical/autocad
- version/autocad/2019
- version/autocad/2020
- version/autocad/2021
- version/autocad/2022
- canonical/autodesk civil 3d
- version/autodesk civil 3d/2019
- version/autodesk civil 3d/2020
- version/autodesk civil 3d/2021
- version/autodesk civil 3d/2022
- canonical/autodesk autocad lt 2017
- version/autodesk autocad lt 2017/2019
- version/autodesk autocad lt 2017/2020
- canonical/autodesk autocad lt for macos
- version/autodesk autocad lt for macos/2020
- version/autodesk autocad lt 2017/2021
- version/autodesk autocad lt for macos/2021
- version/autodesk autocad lt 2017/2022
- version/autodesk autocad lt for macos/2022
- canonical/autodesk design review 2011
- version/autodesk design review 2011/2018
- version/autodesk design review 2011/2018-hotfix
- version/autodesk design review 2011/2018-hotfix2
- version/autodesk design review 2011/2018-hotfix3
- canonical/autodesk dwg trueview 2022
- version/autodesk dwg trueview 2022/2019
- version/autodesk dwg trueview 2022/2020
- version/autodesk dwg trueview 2022/2021
- version/autodesk dwg trueview 2022/2022
- canonical/autodesk fusion 360
- version/autodesk fusion 360/2.0.10356
- canonical/autodesk infrastructure parts editor
- version/autodesk infrastructure parts editor/2019
- version/autodesk infrastructure parts editor/2020
- version/autodesk infrastructure parts editor/2021
- version/autodesk infrastructure parts editor/2022
- canonical/autodesk infraworks
- version/autodesk infraworks/2019
- version/autodesk infraworks/2020
- version/autodesk infraworks/2021
- version/autodesk infraworks/2019.3
- version/autodesk infraworks/2019.3-hotfix_1
- version/autodesk infraworks/2019.3-hotfix_2
- version/autodesk infraworks/2019.3-hotfix_3
- version/autodesk infraworks/2020.2
- version/autodesk infraworks/2020.2-hotfix_1
- version/autodesk infraworks/2020.2-hotfix_2
- version/autodesk infraworks/2021.2
- version/autodesk infraworks/2021.2-hotfix_1
- version/autodesk infraworks/2021.2-hotfix_2
- version/autodesk infraworks/2022.0
- version/autodesk infraworks/2022.0-hotfix_1
- version/autodesk infraworks/2022.1
- canonical/autodesk inventor
- version/autodesk inventor/2019
- version/autodesk inventor/2020
- version/autodesk inventor/2021
- version/autodesk inventor/2022
- canonical/autodesk navisworks
- version/autodesk navisworks/2019
- version/autodesk navisworks/2020
- version/autodesk navisworks/2021
- version/autodesk navisworks/2022
- canonical/autodesk revit 2025
- version/autodesk revit 2025/2019
- version/autodesk revit 2025/2020
- version/autodesk revit 2025/2021
- version/autodesk revit 2025/2022
- canonical/autodesk storm and sanitary analysis
- version/autodesk storm and sanitary analysis/2020
- version/autodesk storm and sanitary analysis/2021
- version/autodesk storm and sanitary analysis/2019
- version/autodesk storm and sanitary analysis/2022