CVE-2022-27531
First published: Thu Jun 16 2022(Updated: )
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk 3ds Max | >=2021<2021.3.8 | |
| Autodesk 3ds Max | >=2022<2022.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-27531?
CVE-2022-27531 is a vulnerability that allows a maliciously crafted TIF file to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files.
How can CVE-2022-27531 be exploited?
CVE-2022-27531 can be exploited by using a maliciously crafted TIF file that triggers the vulnerability when parsed by Autodesk 3ds Max 2022 and 2021.
What is the severity rating of CVE-2022-27531?
The severity rating of CVE-2022-27531 is high, with a score of 7.8 out of 10.
Which versions of Autodesk 3ds Max are affected by CVE-2022-27531?
Autodesk 3ds Max 2022 and 2021 are affected by CVE-2022-27531.
How can I mitigate the risk of CVE-2022-27531?
To mitigate the risk of CVE-2022-27531, it is recommended to update to the latest version of Autodesk 3ds Max and apply any available security patches.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/autodesk
- canonical/autodesk 3ds max
- version/autodesk 3ds max/2021
- version/autodesk 3ds max/2022