CVE-2022-25794
First published: Mon Apr 11 2022(Updated: )
An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code 'ABC' files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk FBX Review | <1.5.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-25794?
CVE-2022-25794 has a medium severity rating due to its potential for code execution and information disclosure.
How do I fix CVE-2022-25794?
To fix CVE-2022-25794, upgrade Autodesk FBX Review to version 1.5.3 or later.
What types of vulnerabilities are associated with CVE-2022-25794?
CVE-2022-25794 is associated with an Out-Of-Bounds Read vulnerability.
In which versions of Autodesk FBX Review does CVE-2022-25794 exist?
CVE-2022-25794 affects Autodesk FBX Review version 1.5.2 and earlier.
What can be exploited through CVE-2022-25794?
CVE-2022-25794 can be exploited through maliciously crafted ActionScript Byte Code 'ABC' files.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- agent/source
- vendor/autodesk
- canonical/autodesk fbx review