What is the severity of CVE-2022-25789?

The severity of CVE-2022-25789 is high with a severity value of 7.8.

Which software versions are affected by CVE-2022-25789?

Autodesk Advance Steel versions 2019.1.4 to 2022.1.2 and Autodesk Autocad versions 2019.1.4 to 2022.2.2 are affected by CVE-2022-25789.

How can CVE-2022-25789 be exploited?

CVE-2022-25789 can be exploited by using maliciously crafted DWF, 3DS, and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, and 2019.

What is the impact of exploiting CVE-2022-25789?

Exploiting CVE-2022-25789 may lead to code execution.

How can I fix CVE-2022-25789?

To fix CVE-2022-25789, update to the latest version of Autodesk Advance Steel or Autodesk Autocad.

Vulnerability/
CVE-2022-25789

high

7.8

CWE

416

11/4/2022

19/4/2022

CVE-2022-25789: Use After Free

First published: Mon Apr 11 2022(Updated: )

A maliciously crafted DWF, 3DS and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.

Credit: psirt@autodesk.com

Affected Software	Affected Version	How to fix
Autodesk Advance Steel	>=2019<2019.1.4
Autodesk Advance Steel	>=2020<2020.1.5
Autodesk Advance Steel	>=2021<2021.1.2
Autodesk Advance Steel	>=2022<2022.1.2
Autodesk Autocad	>=2019<2019.1.4
Autodesk Autocad	>=2020<2020.1.5
Autodesk Autocad	>=2021<2021.1.2
Autodesk Autocad	>=2022<2022.1.2
Autodesk Autocad	>=2022<2022.2.2
Autodesk AutoCAD Architecture	>=2019<2019.1.4
Autodesk AutoCAD Architecture	>=2020<2020.1.5
Autodesk AutoCAD Architecture	>=2021<2021.1.2
Autodesk AutoCAD Architecture	>=2022<2022.1.2
Autodesk AutoCAD Electrical	>=2019<2019.1.4
Autodesk AutoCAD Electrical	>=2020<2020.1.5
Autodesk AutoCAD Electrical	>=2021<2021.1.2
Autodesk AutoCAD Electrical	>=2022<2022.1.2
Autodesk Autocad Lt	>=2019<2019.1.4
Autodesk Autocad Lt	>=2020<2020.1.5
Autodesk Autocad Lt	>=2021<2021.1.2
Autodesk Autocad Lt	>=2022<2022.1.2
Autodesk AutoCAD Map 3D	>=2019<2019.1.4
Autodesk AutoCAD Map 3D	>=2020<2020.1.5
Autodesk AutoCAD Map 3D	>=2021<2021.1.2
Autodesk AutoCAD Map 3D	>=2022<2022.1.2
Autodesk AutoCAD Mechanical	>=2019<2019.1.4
Autodesk AutoCAD Mechanical	>=2020<2020.1.5
Autodesk AutoCAD Mechanical	>=2021<2021.1.2
Autodesk AutoCAD Mechanical	>=2022<2022.1.2
Autodesk AutoCAD MEP	>=2019<2019.1.4
Autodesk AutoCAD MEP	>=2020<2020.1.5
Autodesk AutoCAD MEP	>=2021<2021.1.2
Autodesk AutoCAD MEP	>=2022<2022.1.2
Autodesk AutoCAD Plant 3D	>=2019<2019.1.4
Autodesk AutoCAD Plant 3D	>=2020<2020.1.5
Autodesk AutoCAD Plant 3D	>=2021<2021.1.2
Autodesk AutoCAD Plant 3D	>=2022<2022.1.2
Autodesk Civil 3D	>=2019<2019.1.4
Autodesk Civil 3D	>=2020<2020.1.5
Autodesk Civil 3D	>=2021<2021.1.2
Autodesk Civil 3D	>=2022<2022.1.2

Never miss a vulnerability like this again

Reference Links

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0005

Frequently Asked Questions

What is the severity of CVE-2022-25789?
The severity of CVE-2022-25789 is high with a severity value of 7.8.
Which software versions are affected by CVE-2022-25789?
Autodesk Advance Steel versions 2019.1.4 to 2022.1.2 and Autodesk Autocad versions 2019.1.4 to 2022.2.2 are affected by CVE-2022-25789.
How can CVE-2022-25789 be exploited?
CVE-2022-25789 can be exploited by using maliciously crafted DWF, 3DS, and DWFX files in Autodesk AutoCAD 2022, 2021, 2020, and 2019.
What is the impact of exploiting CVE-2022-25789?
Exploiting CVE-2022-25789 may lead to code execution.
How can I fix CVE-2022-25789?
To fix CVE-2022-25789, update to the latest version of Autodesk Advance Steel or Autodesk Autocad.

collector/nvd-index
vendor/autodesk
canonical/autodesk advance steel
version/autodesk advance steel/2019
version/autodesk advance steel/2020
version/autodesk advance steel/2021
version/autodesk advance steel/2022
canonical/autodesk autocad
version/autodesk autocad/2019
version/autodesk autocad/2020
version/autodesk autocad/2021
version/autodesk autocad/2022
canonical/autodesk autocad architecture
version/autodesk autocad architecture/2019
version/autodesk autocad architecture/2020
version/autodesk autocad architecture/2021
version/autodesk autocad architecture/2022
canonical/autodesk autocad electrical
version/autodesk autocad electrical/2019
version/autodesk autocad electrical/2020
version/autodesk autocad electrical/2021
version/autodesk autocad electrical/2022
canonical/autodesk autocad lt
version/autodesk autocad lt/2019
version/autodesk autocad lt/2020
version/autodesk autocad lt/2021
version/autodesk autocad lt/2022
canonical/autodesk autocad map 3d
version/autodesk autocad map 3d/2019
version/autodesk autocad map 3d/2020
version/autodesk autocad map 3d/2021
version/autodesk autocad map 3d/2022
canonical/autodesk autocad mechanical
version/autodesk autocad mechanical/2019
version/autodesk autocad mechanical/2020
version/autodesk autocad mechanical/2021
version/autodesk autocad mechanical/2022
canonical/autodesk autocad mep
version/autodesk autocad mep/2019
version/autodesk autocad mep/2020
version/autodesk autocad mep/2021
version/autodesk autocad mep/2022
canonical/autodesk autocad plant 3d
version/autodesk autocad plant 3d/2019
version/autodesk autocad plant 3d/2020
version/autodesk autocad plant 3d/2021
version/autodesk autocad plant 3d/2022
canonical/autodesk civil 3d
version/autodesk civil 3d/2019
version/autodesk civil 3d/2020
version/autodesk civil 3d/2021
version/autodesk civil 3d/2022